On Wed, Jan 11, 2012 at 12:16 AM, naltimari <[email protected]> wrote:
> I've 'chmod +s' the /var/lib/cherokee/flcache and 'chown www-data:www-data'
>

chmod +s will change the sticky bit for the current user so when a new directory is created in /var/lib/cherokee it will make the logged in user that made the changes to the sticky bit the owner. chown www-data:www-data /var/lib/cherokee will only affect the owner of the /var/lib/cherokee directory, nothing below it, which requires the -R flag, though that won't necessarily fix the problem either.

> but that didn't work also. The log still says that there is a permission
> error. It's funny how cherokee can create directories inside
> /var/lib/cherokee but can't write any files underneath it... is it really a
> permission error?
>

Yep. Given that the permissions on the parent folder might still restrict the ability to read, write, or execute on a file or within a directory (e.g. listing a directory's contents requires the executable bit permission) to the folder's user, group, or other system account (u,g,o). To further complicate things, a folder with the user sticky bit turned on and the group sticky bit turned off can wreak all havoc when any of those files or folders are accessed by system processes running under a user or group account that doesn't have the proper access it needs to perform its necessary duty. Easy enough to fix, though.

    sudo chown -R www-data:www-data /var/lib/cherokee

... will change the owner of the base /var/lib/cherokee folder and all of its children to the www-data user and www-data group, and

    sudo chmod -R u+rws,g+r+s-w /var/lib/cherokee

... will then add the read, write, and sticky bit of the folder's owner (the www-data user account), which will ensure that all files and folders created under /var/lib/cherokee retain the permissions of the www-data user and group account, add read permissions to the group account to allow the ability to read files contained within the folder while removing the write privileges, which will be more than adequate for the needs of the cherokee-worker process running under the www-data user and www-data group accounts while ensuring that other www-data group members can't come along and do damage to any of the files nor view the contents of any of the folders without the knowledge of the www-data user.

--
/M:D

M. David Peterson
Co-Founder & Chief Architect, 3rd&Urban, LLC
Email: [email protected] Voice: (801) 742-1064
http://amp.fm | http://mdavidpeterson.com
_______________________________________________
Cherokee mailing list
[email protected]
http://lists.octality.com/listinfo/cherokee
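
Added example (not part of the original message or of the Cherokee project): a check of which mode bits the recursive chmod string from the reply leaves on directories and on regular files, run against a constructed temp tree rather than /var/lib/cherokee. `apply_dirs_only` is a hypothetical alternative that is not from the thread, and `stat -c` assumes GNU coreutils on Linux.

```shell
#!/bin/sh
# Runs entirely in a throwaway temp directory, a constructed stand-in
# for /var/lib/cherokee. No root and no www-data account are needed.

# Build the constructed tree: <tmp>/flcache/entry with ordinary 755/644 modes.
make_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/flcache" && : > "$t/flcache/entry"
    chmod 755 "$t" "$t/flcache" && chmod 644 "$t/flcache/entry"
    printf '%s\n' "$t"
}

# Octal mode of one path (GNU stat assumed).
mode_of() { stat -c '%a' "$1"; }

# Count regular files under $1 that carry the setuid or setgid bit.
count_suid_sgid_files() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | wc -l | tr -d ' '
}

# Mode string exactly as given in the reply, applied recursively.
apply_thread_mode() { chmod -R u+rws,g+r+s-w "$1"; }

# Hypothetical alternative (not from the thread): same read/write changes,
# but the setgid bit goes on directories only.
apply_dirs_only() {
    chmod -R u+rw,g+r-w "$1"
    find "$1" -type d -exec chmod g+s {} +
}

# Prints "<dir mode> <file mode> <flagged regular files>" for one applier.
report() {
    t=$(make_tree) || return 1
    "$1" "$t"
    printf '%s %s %s\n' "$(mode_of "$t/flcache")" \
        "$(mode_of "$t/flcache/entry")" "$(count_suid_sgid_files "$t")"
    rm -rf "$t"
}

report apply_thread_mode
report apply_dirs_only
```

In `stat` output a leading 4 is the setuid bit, 2 is setgid and 1 is the sticky bit; the third field of each report line is what a setuid/setgid audit of the cache tree would flag.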
