But drush is still changing permissions to 750 on the root > > directory on the remote server. This disables the site until I > > reset the permissions to 755.
DocumentRoot should never be able to be read by others. Drush is doing a good thing here. The DocumentRoot group should match that of the user id executing httpd. This would allow the httpd user to read the DocumentRoot directory with 750 permissions.
Thanks Ernie. I will contact the hoster for the appropriate way to handle this. cheers
Sorry for not using the exact terms, of course it is user - group - other where "user" == file owner and "other" == the rest of the world. In filezilla for example it is called owner, group and Public permissions, but this all boils down to the same point:
You should not have to make a file world/public/other - accessible if you want to keep your pants on ;-)
So right now maybe the file has the following denominations: drwxrwxr-x daniel daniel yourfolder which means that the group and owner bits are daniel if I want to change it to make it accessible not the world/other/public then I have to set it chmod 750 Now apache cannot access it, so I have two options:
1. I chown the folder (and subcontent - use with greatest care): chown -R daniel.www-data yourfolder This would be the option that you choose if you have a shell access or someway to change the group of your files. 2. I just add apache to the group daniel (not recommended)
(and yes, technically speaking it is user (u) group (g) and other (o) as in the bash-script that I use to correct my drupal permissions if I messed something up see http://mentalitea.com/drupalpermissions.)
Daniel
How do I unsubscribe from these emails? I signed up for the wrong one.
On Mon, Dec 17, 2012 at 2:42 PM, Daniel Germer daniel@triple5.org wrote:
But drush is still changing permissions to 750 on the root > > directory on the remote server. This disables the site until I > > reset the permissions to 755.
DocumentRoot should never be able to be read by others. Drush is> doing a good thing here. The DocumentRoot group should match that of> the user id executing httpd. This would allow the httpd user to read> the DocumentRoot directory with 750 permissions.
Thanks Ernie. I will contact the hoster for the appropriate way to handle this. cheers
Sorry for not using the exact terms, of course it is user - group - other where "user" == file owner and "other" == the rest of the world. In filezilla for example it is called owner, group and Public permissions, but this all boils down to the same point:
You should not have to make a file world/public/other - accessible if you want to keep your pants on ;-)
So right now maybe the file has the following denominations: drwxrwxr-x daniel daniel yourfolder which means that the group and owner bits are daniel if I want to change it to make it accessible not the world/other/public then I have to set it chmod 750 Now apache cannot access it, so I have two options:
- I chown the folder (and subcontent - use with greatest care):
chown -R daniel.www-data yourfolder This would be the option that you choose if you have a shell access or someway to change the group of your files. 2. I just add apache to the group daniel (not recommended)
(and yes, technically speaking it is user (u) group (g) and other (o) as in the bash-script that I use to correct my drupal permissions if I messed something up see http://mentalitea.com/drupalpermissions.)
Daniel
-- [ Drupal support list | http://lists.drupal.org/ ]
-
Daniel Germer -
Jada Benjamin