Read/Write permissions for PHP scripts at lancs.ac.uk

| acl | lancs | SunOS | www

My girlfriend wanted to create a blog, and she attempted to use her university provided web space. However, the blog software seemed unable to write to her webspace. Typically you would fix this by changing the write permissions on the file/directory like so:

chmod g+w filename

or

chmod o+w filename

However this did not seem to work. I noticed that the files which hosted the website were on a SunOS 5.8 machine, and this seemed to support access control lists (ACLs). So I looked at a few of the ACLs for the files and they looked like this:

$ getfacl filename
user::rwx
group::rwx              #effective:rwx
group:httpadmin:rwx     #effective:rwx
mask:rwx
other:r--

Since there is the group:httpadmin line, ISS are clearly using these ACLs. So I figured I would add the user the webserver is running under to the ACL. A quick look at a phpinfo() page showed me that the web server is running under user www in group www. So I first tried the following:

setfacl -m user:www:rw- filename

But that oddly didn’t work, but then I noted that the webserver was a linux machine, not SunOS, and that the UID of www was 48. A quick look at the UID of www on SunOS and it shows it is a completely different number. So for what ever reason ISS were unable to make the UIDs match between computers, so the correct command to type is:

setfacl -m user:48:rw- filename

Bottom line, if you wish to make your files or directories writable by scripts running on the webserver you must log into cent1 (via ssh), change to your www directory “/home/cent1/NN/username/www/public_html” and then issue the above command to the appropriate files.