sluggo

required file and directory permissions

Recommended Posts

Hello all,

 

I am disturbed by what appears to be the required permissions when installing processwire. I am getting this type of error message:

Directory /site/assets/ must be writable. Please adjust the server permissions before continuing.

I changed the perms from 755 to 775 and I don't want to use 777 (I don't even like 775).

% ls -l
total 8
drwxrwxr-x@  3 jtm6  staff    96 Mar 16 10:44 assets

So how do I proceed?

In addition, I am not even sure that I need ProcessWire. I am just trying to get a dev website open and the index.php file errors out. However, the top of this file has this comment:

 * ProcessWire Bootstrap

I am attaching the index.php file.


Anyway, thanks for your time

downloaded-index.php

Share this post


Link to post
Share on other sites

Hello and welcome to the forums! I personally get by using 755 on my local dev environments as well live installs. If you have not looked at it already, I would take a look at the following concerning permissions:

http://processwire.com/docs/security/file-permissions/

As for the comment "* ProcessWire Bootstrap", this enables ProcessWire's API to be used in other php scripts not already stored inside of ProcessWire's file structure. A good read can be found here:

https://processwire.com/api/include/

 

Share this post


Link to post
Share on other sites
2 hours ago, sluggo said:

I am disturbed by what appears to be the required permissions when installing processwire. I am getting this type of error message:

Directory /site/assets/ must be writable. Please adjust the server permissions before continuing.

I changed the perms from 755 to 775 and I don't want to use 777 (I don't even like 775).

ProcessWire shouldn't need 777 at all. You just need to make sure that the web server can write in site/assets, since this is where all dynamically changing data (caches, files, logs) is stored. You probably just need to give ownership to www-data (or whatever the webserver runs as) and can switch to 0750. If you're worried about security: the .htaccess file is quit strict in limiting access there.

 

  • Like 2

Share this post


Link to post
Share on other sites
1 hour ago, BitPoet said:

ProcessWire shouldn't need 777 at all. You just need to make sure that the web server can write in site/assets, since this is where all dynamically changing data (caches, files, logs) is stored. You probably just need to give ownership to www-data (or whatever the webserver runs as) and can switch to 0750. If you're worried about security: the .htaccess file is quit strict in limiting access there.

 

Thank you. I guess the solution was obvious:

sudo chown www assets

actually I used

sudo chown -R www site

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Guy Incognito
      Hi all. We've created a private log-in area for a client on their site that is restricted on a roles basis. Is there a simple solution available to let them upload files to a file field and then choose individual users that can access individual files?
      Does that make sense?!... it's hard to search for answers to this as all results pertain to server file permissions.
       
    • By ridgedale
      Reference: PW 3.0.111 and uikit3 based site using the Regular-Master profile.
      I wonder if anyone might be able to point me in the right direction. I need to restrict the superuser role to overall administrators of a group of sites, but provide role and permission administration for the administrators of the individual sites. My searches unearthed the following thread:
      However, after having already created the sitemanager role and given site administrators the user-admin permission and having then created the role-admin permission and assigned that to the sitemanager role, the users with sitemanager permissions are able to see the Roles item under the Access menu of the backend but no submenu is displayed showing the Add Role option or any of the roles that the administrator should have access to. My intention is that the individual site adminstrators should have access to assign the guest and sitemanager roles (but not edit them) and be able to create roles with privileges beneath that of sitemanager.
      Any advice would be greatly appreciated.
       
    • By dimitrios
      Hello,
      I have created a field of type Page Reference and input field type Page Auto Complete, so that users of role 'writer' can add new tags to their articles. However, only a superuser can add new tags through the field, even though 'writer' roles have the permission to create  pages of template 'tag', and the permission to add children in the parent template. New tags in the Page Tree can be added normally. Is there something I am missing?

    • By ethanbeyer
      Hello,
      I recently posted in this topic, but I decided to start my own thread because while I believe my issue is related to the one in that thread, they are not exactly the same:
       
      I have created a custom User Template in the method outlined in the docs. I am creating a directory, so it made sense that every page in the directory was a Directory Member, so they could log in and edit their own information while also keeping the entire directory protected behind a login wall.
      So the new user type is created: "directory-member".
      I then created two new roles: "member" and "directory-admin":
      The "member" only has the ability to View directory-member pages, and "profile-edit", which allows them to manage their own information. The "directory-admin" has the ability to edit any directory-member pages, and administer users. Some Directory Members are both, but all have at least the "member" role.
      The first hint that something was wrong was when I was testing a "member" user and I could not add a new item to a repeater on that profile. The url for the profile edit (this will be important shortly) is site.dev/admin/profile. The repeater is set up to load new items through AJAX. If this option is turned off, the rest of this issue is no longer completely valid. But as I have found what I believe to be a pretty large issue in the Processwire codebase, I thought it worth bringing up.
      See, every page (even a user) has a $page->editUrl() method, and it returns a URL like this: site.dev/admin/access/users/edit/?id=2096. That's all good and fine for users that have page-edit permissions, but if they don't, that link will resolve to the admin's equivalent of a 404.
      So the way that Processwire currently gets around this is by creating a specific editing area for a user to interact with only their profile: /admin/profile. And that works pretty nicely, except for the fact that nowhere is editUrl() ever made aware of the difference. editUrl() is not hookable, and whether or not a page is editable is based on the PagePermissions module.
      On top of that, there are several core modules that hardcode a search-and-replace (see InputfieldRepeater.module:627) where the editing screen is for Users. This doesn't allow for a huge degree of flexibility that is offered in other places throughout Processwire. If line 627 of InputfieldRepeater is changed from this:
      $editorUrl = str_replace('/access/users/edit/', '/page/edit/', $editorUrl); to this:
      $editorUrl = str_replace('/access/users/edit/', '/profile/', $editorUrl); ...the AJAX repeaters work. It's maddening!
      As is brought up in the thread I attached above, a lot of the features of page editing are missing within /admin/profile/, and it just makes for an altogether strange editing experience. A user who has "page-edit" permissions for templates other than directory-member, but does have "profile-edit" permissions, will see their user in the Page List, but cannot edit their Page unless they hover over the wrench and click the "Profile" link. It just seems - off.
      I think what this hinges on for me is that the editUrl() of the user should be "/admin/profile/" if that user is logged in (and their page should be editable from the Page List), or the "/admin/access/users/edit/" url; regardless of the URL, both links should resolve to the Page Edit screen, as the Profile Edit screen seems to be a unnecessarily neutered version of Page Edit.
    • By Sergio
      I have this "editor" role, that has the "user-admin-all" permission.
      I tried several times, doing different things sets of permissions, but I can't make a user with this role being able to make another user an "editor" too. PW disables the "editor" checkbox. I read the documentation 3 times that my eyes cannot see what I'm missing anymore.
      Any clues?