<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<tt>Johannes Nohl wrote:</tt>
<blockquote
cite="mid:33d293f80809241023t41bde86ex8e91f0131bf72d42@mail.gmail.com"
type="cite">
<blockquote type="cite">
<pre wrap=""><tt>I installed libapache2-mod-suphp-0.6.2-1+etch0,but have some problems.
when I create new file with php code it's permissions seems ok.(644)
but uploaded files with same way is not.(600)
</tt></pre>
</blockquote>
<pre wrap=""><!----><tt>
How files are created is managed by umask. Your php.ini is set to umask = 0644.
</tt></pre>
</blockquote>
<tt><br>
You must try to setup the right permissions.<br>
It is part of your application behavior and should be handled by your
application at the time of create/upload/edit the file.<br>
Actually, I have seen several applications with this as configurable.<br>
As PHP process run as the user it apply the same right to change the
permissions.<br>
<br>
</tt>
<blockquote
cite="mid:33d293f80809241023t41bde86ex8e91f0131bf72d42@mail.gmail.com"
type="cite">
<pre wrap=""><tt>
</tt></pre>
<blockquote type="cite">
<pre wrap=""><tt>Lots of people says that file upload operation is not related with suphp.
</tt></pre>
</blockquote>
<pre wrap=""><!----><tt>
Right. It depends on how you load up. Let's say by ftp then you have
to adjust the umask setting in your ftpd config. Or if users create
new files using ssh you need to adjust the shells umask.
I'd prefer to have a script that will adjust files automatically. Did
anyone wrote something like it? Could be written in php. It
recursively go through the files (htdocs and under) and chmod them
depending on their suffix. Additionally there need to be a mechanism
that prevent unwished changes. Please post it here if you've done
already.
</tt></pre>
</blockquote>
<tt><br>
How about this? I'm using ACL under Debian Stable.<br>
<br>
#!/bin/bash<br>
####################################<br>
#/usr/local/sbin/admin-repair-public_html <br>
####################################<br>
<br>
# Chech the executor is root<br>
if [ "`whoami`" != "root" ]; then<br>
echo "You must be root to execute this script"<br>
exit 0<br>
fi<br>
<br>
# Ask for the username<br>
echo -n "Username: "<br>
read username<br>
if [ -z "$username" ]; then<br>
echo "ERROR: Must provide a username"<br>
exit 0<br>
fi<br>
<br>
# Checking for the user<br>
if [ -z "`grep ^${username}: /etc/passwd`" ]; then<br>
echo "ERROR: The user does not exists"<br>
exit 0<br>
else<br>
if [ ! -d "/home/${username}/public_html" ]; then<br>
echo "ERROR: The user exists but the public_html directory doesn't"<br>
exit 0<br>
fi<br>
fi<br>
<br>
# Make owner of his files and acces to<br>
chmodrecursive /home/${username} 750 640 ${username} > /dev/null<br>
setfacl -m u:www-data:rx /home/${username}<br>
setfacl -R -m u:www-data:rx /home/${username}/public_html<br>
setfacl -d -R -m u:www-data:rx /home/${username}/public_html<br>
chmodrecursive /home/${username} 750 640 ${username} > /dev/null<br>
<br>
<br>
#!/bin/bash<br>
####################################<br>
#/usr/local/bin/chmodrecursive <br>
####################################<br>
<br>
DEBUG=""<br>
IFS=$'\n';<br>
<br>
<br>
function udf_change {<br>
chown $4:$4 "${1}" -R<br>
lstItem=`find "${1}"`<br>
for iItem in ${lstItem} ; do<br>
if [ "${iItem}" ]; then<br>
if [ "${DEBUG}" ] ; then echo -n "${iItem}: " ; fi<br>
if [ -L "${iItem}" ]; then<br>
if [ "${DEBUG}" ] ; then echo -n "link" ; fi<br>
elif [ -d "${iItem}" ]; then<br>
chmod $2 "${iItem}"<br>
if [ "${DEBUG}" ] ; then echo -n "dir" ; fi<br>
else<br>
chmod $3 "${iItem}"<br>
if [ "${DEBUG}" ] ; then echo -n "file" ; fi<br>
fi<br>
echo " ."<br>
fi<br>
done<br>
}<br>
<br>
function udf_syntax {<br>
echo "$0 directory chmod-dir chmod-file owner"<br>
exit 1<br>
}<br>
<br>
if [ -z "${1}" -o -z "${2}" -o -z "${3}" -o -z "${4}" ]; then<br>
udf_syntax<br>
fi<br>
<br>
udf_change "${1}" "${2}" "${3}" "${4}"<br>
<br>
</tt>
</body>
</html>