1

I successfully installed nginx, HHVM (running with FastCGI) etc. on an Ubuntu 15.10 installation, and HHVM is, in itself, running fine. My /var/www directory is owned by my user and group (e.g. sam:sam), so I can access it via SSH and SFTP and change files accordingly. When now running a CMS like WordPress, it obviously runs as the web server (www-data), and thus cannot change/add/delete files from its backend (e.g. upload files, update WordPress/plugins) as would be required unless I change user and group ownership to www-data.

Is there a way to solve this to be able to change files via PHP and SSH without letting the web server run with a user that has obviously sudo rights? I believe 'normal' PHP running as FastCGI is able to circumvent the problem.

David Makogon
  • 2,767
  • 1
  • 19
  • 29
physalis
  • 145
  • 1
  • 6

1 Answers1

0

If I'm understanding the situation correctly you should change the ownership of the files to the www-data user. Since you have sudo permissions you can add your user (sam) to the www-data group and still be able to do what you need to do.

To add your user to the www-data group:

usermod -a -G www-data sam

To change ownership of all the files to www-data user and group:

sudo chown -R www-data:www-data /var/www

To add group write permissions to all files in /var/www:

sudo chmod -R g+w /var/www
Colt
  • 1,939
  • 6
  • 20
  • 25
Decesus
  • 116
  • 3
  • Just to really get it. I already added my user to the www-data group, plus changed ownership of the data folder to www-data:www-data. When logging in through an FTP client, I am not able to alter files this way, even though **sam** is part of the www-data group as well (along the **sam** group). Did I do something wrong? Would I need sudo to change files? – physalis Jun 29 '16 at 20:44
  • The files and folders need to have group write permissions. The following command with apply that to all files in /var/www: "sudo chmod -R g+w /var/www" – Decesus Jun 29 '16 at 20:47
  • 775 (or g+w) does the trick, I believe, I had it on 755 which is a bit more secure as far as I know. This way I can add more users (for subsequent FTP users), add them to the www-data group and stay flexible. Please add the chmod command to your answer, just to make it perfect for others in hunt of the same answer :)! – physalis Jun 29 '16 at 21:09
  • Done! Glad it helped! – Decesus Jun 29 '16 at 21:17