title | taxonomy | ||
---|---|---|---|
Permissions |
|
Depending on your hosting environment, permissions may or may not be an issue you need to concern yourself with. The important thing to understand is that there is a potential for issue if the user you use to edit your files on the file-system is different from the user that PHP runs under (usually the webserver), or at the very least, the two users don't have Read/Write access to these files.
Being a file-based CMS, Kunena needs to write to the file-system in order to create cache and log files. There are three main scenarios:
-
This is the usual approach used by most shared hosting setups and also this approach works great for local development also. The blog post we wrote regarding OS X Yosemite, Apache, and PHP outlines how to configure Apache to run as your personal user account. This approach is not considered secure enough to use on a dedicated web host, so the second or third option should be used.
-
By using a shared Group between your user and PHP/Webserver account with
775
and664
permissions you ensure that even though you have two different accounts, both will have Read/Write access to the files. You should also probably set aumask 0002
on the root so that new files are created with the proper permissions. -
The last approach is to have completely different accounts and just update the ownership and permissions of the files after editing to ensure that the PHP/Webserver user can Read/Write appropriately.
A simple permissions-fixing shell script can be used to do this:
#!/bin/sh
chown joeblow:staff .
chown -R joeblow:staff *
find . -type f | xargs chmod 664
find . -type d | xargs chmod 775
find . -type d | xargs chmod +s
umask 0002
You can use this file and edit as needed for the appropriate user and group that works for your setup. What this script basically does, is:
- Changes the user and group of the current directory to
joeblow
andstaff
- Changes all files and subfolder to
joeblow
andstaff
ownership - Finds all the files from the current directory down and sets the permissions to
664
so they areRW
for User & Group andR
for Others. - Finds all the folders from the current directory down and sets the permissions to
775
so they areRWX
for User & Group andRX
for Others. - Sets the ownership of all directories to ensure that User and Group changes are maintained
- Sets the umask so that all new files are created with the correct
664
and775
permissions.