On Tue, 2013-08-27 at 13:43 -0400, Ethan Rosenberg wrote: > Dear List - > > I apologize for this "needle in a haystack" but... > > This was originally posted on the PHP list, but has changed into a > Debian question... > > Tried to run the program, that we have been discussing,{on the PHP list} > and received a 403 error. > > rosenberg:/var/www# ls -la StoreInventory.php > -rwxrwxrw- 1 ethan ethan 4188 Aug 26 20:26 StoreInventory.php > > rosenberg:/var# ls -ld www > drwxrwxrw- 37 ethan ethan 20480 Aug 26 20:26 www > > I had set the S bit [probably a nasty mistake] and I thought I was able > to remove the bit. [it doesn't show above] > > I made the following stupid mistakes... > note commands from the root prompt have a su appended > > 467 chown -R ethan:www-data www su > 469 chown -R ethan:www-data www su > 470 chmod -R g+s www su > 471 chgrp -R www su > 477 chgrp -R ethan www su > 480 chmod -R 766 www su > 482 chmod g-S www su > 485 chmod -S www su > 486 chmod g S www su > 487 chmod gS www su > 488 chmod S www su > 489 chmod 776 www su > 492 chmod 776 -R www su > 494 chmod -s -R www su > 504 chmod 666 StoreInventory.php > 512 chmod 3775 StoreInventory.php > > I now have.... > > ethan@rosenberg:/var/www$ ls -la StoreInventory.php > -rwxrwsr-t 1 ethan ethan 4232 Aug 27 00:18 StoreInventory.php > > ethan@rosenberg:/var$ ls -ld www > drwxrwxrw- 37 ethan ethan 20480 Aug 26 20:26 www > > and still have the 403 error. > > How do I extricate myself from the hole into which I have planted myself? >
The problem appears to be that Apache does not have access to the file. Looking at the permissions of the file it should work, however, apache is not able to go into your /var/www folder. Either you need to set www-data as the owner of the directory, or as the group owner, or, possibility number 3, give execute rights to 'others' on that folder. Pick one (you might need to be root for the first 2 in your situation): 1) chown www-data /var/www 2) chgrp www-data /var/www 3) chmod -R o+X /var/www Note the capital 'X' on option 3, this gives execute permissions on folders only, not files, as the -R means all files and subdirectories as well. The 't' is known as the sticky bit if I recall correctly, set with 1 on the first number in a 4 number chmod command, for details see [1]. I guess in your case you can use 0664 for the files and 0775 for directories (or 0640 and 0750 if you set owner or group back to www-data) Best regards, Steven [1] http://www.linux.com/learn/tutorials/309527-understanding-linux-file-permissions
signature.asc
Description: This is a digitally signed message part