Reason and Generated Directories Permissions
15 views
Skip to first unread message
Nicholas Mischler
Dec 21, 2015, 5:16:53 PM12/21/15
to Reason Discussion, Melissa Dix
Hello,
Melissa and I are still at it, and we've made some good progress, but I've stumbled across an error when trying to set things up:
Looking this up, it appears that suPHP will throw a 500 whenever there's a file that has write access on the group assigned to it, essentially forbidding us from giving groups write access on anything.
I don't think we necessarily need write access on the groups, but reason's url_manager gives 775 to each new file/directory, granting each item's group write access and running up against this limitation/feature. If we were to change anything now, it wouldn't work. Likewise, the setup.php script for new installs uses 775 for it's mod_rewrite check, but the check ultimately fails because the attempt to get at the created files results in a 500.
One thought I had was to go in and change all of Reason's permission settings to 755, but I'm curious to know if there's a specific reason for using 775 for every case. (Don't want to fix one problem to land in another one.)
I also found a blog post suggesting people disable the check in suPHP because it is "silly", which is what I'm inclined to do instead. However, if that's the solution, then that information would be worth sharing with those who start with or move to suPHP.
Thanks,
Nick
Melissa and I are still at it, and we've made some good progress, but I've stumbled across an error when trying to set things up:
SoftException in Application.cpp:256: File "/home/beloit/reason_package/reason_4.0/www/setup.php" is writeable by group
[pid 4070:tid 139989826348800] [client ip] End of script output before headers: setup.php
Looking this up, it appears that suPHP will throw a 500 whenever there's a file that has write access on the group assigned to it, essentially forbidding us from giving groups write access on anything.
I don't think we necessarily need write access on the groups, but reason's url_manager gives 775 to each new file/directory, granting each item's group write access and running up against this limitation/feature. If we were to change anything now, it wouldn't work. Likewise, the setup.php script for new installs uses 775 for it's mod_rewrite check, but the check ultimately fails because the attempt to get at the created files results in a 500.
One thought I had was to go in and change all of Reason's permission settings to 755, but I'm curious to know if there's a specific reason for using 775 for every case. (Don't want to fix one problem to land in another one.)
I also found a blog post suggesting people disable the check in suPHP because it is "silly", which is what I'm inclined to do instead. However, if that's the solution, then that information would be worth sharing with those who start with or move to suPHP.
Thanks,
Nick
Matt Ryan
Dec 21, 2015, 6:38:43 PM12/21/15
to reason-d...@googlegroups.com
I suppose it would be fairly straightforward to add a setting that made those file permissions configurable.
Blocking group permissions does seem silly, though. If you have a server that is managed by multiple people, I'd imagine it would make almost any action require sudo.
Matt
--
You received this message because you are subscribed to the Google Groups "Reason Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to reason-discuss...@googlegroups.com.
To post to this group, send email to reason-d...@googlegroups.com.
Visit this group at https://groups.google.com/group/reason-discussion.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages