Mambo, Joomla, PHPNuke, etc...

Discussion in 'General' started by fobicodam, Jun 6, 2006.

  1. fobicodam

    fobicodam New Member

    The only way i found to run them (and a lot more packages) was to chown the folder where they will be running to apache:apache, then chmod them to 777.

    Is it the only one way?
  2. IntnsRed

    IntnsRed Member

    That's to be expected. Many CMS's need the ability to write into a subdirectory and the problem then becomes a file system permissions issue.

    As you point out, one or the other techniques (or both) will solve it:

    * Do a chmod 777 on the subdirectory that needs to be written into. There are, of course, some security concerns with giving world-write access like this.

    * Change the ownership of the subdirectory to whatever user/group Apache is running as (this varies depending on the particular distro used).

    Myself, I prefer the latter technique, though the former is "easier".
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    No, thats the easiest but most insecure way.

    The better solution is to run the PHP scripts under the webadmin user with either SuPHP or SuEXEC + CGI-PHP or PHP as fastcgi.
  4. fobicodam

    fobicodam New Member

    mmm but can i choose diferent users for every virtual site? thats the way ill do it on windows, but i dont know if apache can do it.

    About the chmod and chown, they only run fine if i do both.. i dont know why..
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    That's the purpose of the setups I listed above.
  6. fobicodam

    fobicodam New Member

    Haaa , ok, anyway i dont understand :p as you can see im a windows developer, im here just because windows has no secure email server...

    But.. what you say is running the site under the vsite admin user, can ispconfig create this configuration? what happens if the admin user change?
  7. IntnsRed

    IntnsRed Member

    It'd be unusual for that user to change; off the top of my head the only way that user would change is to delete the account and recreate it.

    Try this:

    Do a cd into the user's "web" subdirectory, e.g. "cd /home/www/web2/web".

    Get the ownership of the files there

    ls -l index.php
    -rw-r--r--  1 web2_intnsred web2 5831 Jan 17 20:41 index.php
    From the above we see that the username is "web2_intnsred" and the group is "web2".

    The directory can then be chown'ed to that user/group with a "chmod web2_intnsred:web2 DirectoryToChange" command.
  8. fobicodam

    fobicodam New Member

    i know, but the only way to run mambo now is seting apache as directory owner..
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPCOnfig supports SuEXEC + cgi-PHP out of the box and the other configurations by adding some additional config lines in the apache directives field of the website.

    Then the scripts are run under the new admin user. ISPConfig changes the admin ownership of the files automatically.
  10. falko

    falko Super Moderator Howtoforge Staff

    I have written a tutorial about suPHP, if you wait a few days, you can find it on HowtoForge.
  11. fobicodam

    fobicodam New Member

    Ill wait for it !!
  12. falko

    falko Super Moderator Howtoforge Staff

    Most likely I'll post it on Sunday. :)

Share This Page