Message-ID: <1695209506.3656.1485854675601.JavaMail.confluence@ip-10-127-227-164> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_3655_1333870634.1485854675601" ------=_Part_3655_1333870634.1485854675601 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html Setup folder rights

Setup folder rights

=20
=20
=20
=20

For security reasons, there is no need for web server to have access to = write to other directories.

Set the owner a= nd clean directories

First, change www-data to your web server user.

Clean the ca= che/ and logs/ directories

=20 
$ rm -rf app/cache/* app/logs/*
=20

Use th= e right option according to your system.

A. Using ACL on a Linux/BSD sys= tem that supports chmod +a

Using ACL on a Linux/BSD system that supports chmod +a
=20 
$ sudo chmod +a "www-data allow delete,write,append,file_inherit,dir=
ectory_inherit" \
  app/cache app/logs web
$ sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_=
inherit" \
  app/cache app/logs web
=20

B. Using ACL on a Linux/BSD = system that does not support chmod +a

Some systems don't support chmod +a, but do support another utility call= ed setfacl. You may need to enable ACL support on your partition and instal= l setfacl before using it (as is the case with Ubuntu), in this way:

Using ACL on a Linux/BSD system that does not support chmod +a
=20 
$ sudo setfacl -R -m u:www-data:rwx -m u:`whoami`:rwx \
  app/cache app/logs web
$ sudo setfacl -dR -m u:www-data:rwx -m u:`whoami`:rwx \
  app/cache app/logs web
=20

C. Using chown on Linux/BSD/OS X systems that don't support ACL

Some systems don't support ACL at all. You will need to set your web ser= ver's user as the owner of the required directories:

Using chown on Linux/BSD/OS X systems that don't support ACL
=20 
$ sudo chown -R www-data:www-data app/cache app/logs web
$ sudo find {app/{cache,logs},web} -type d | xargs sudo chmod -R 775
$ sudo find {app/{cache,logs},web} -type f | xargs sudo chmod -R 664
= =20

D. Using chmod on a Linux/BSD/OS X syste= m where you can't change owner

If you can't use ACL and aren't allowed to change owner, you can use chm= od, making the files writable by everybody. Note that this method really is= n't recommended as it allows any user to do anything:

Using chmod on a Linux/BSD/OS X system where you can't change owner
=20 
$ sudo find {app/{cache,logs},web} -type d | xargs sudo chmod -R 777
$ sudo find {app/{cache,logs},web} -type f | xargs sudo chmod -R 666
= =20

When using chmod, note that newly created files (such as cache) owned by= the web server's user may have different/restrictive permissions. In this = case, it may be required to change the umask so that the cache and log dire= ctories will be group-writable or world-writable (umask(0002) = or umask(0000) respectively).

It may also possible to add the group ownership inheritance flag so new = files inherit the current group, and use 775/664 = in the command lines above instead of world-writable:

It may also possible to add the group ownership inheritance flag
=20 
$ sudo chmod g+s {app/{cache,logs},web}
=20

E. Setup folder r= ights on Windows

For your choice of web server you'll need to make sure web server user h= as read access to <root-dir>, and write access to the fo= llowing directories:

  • app/cache
  • app/logs
=20
=20
=20
=20

=20 =20

=20
=20
=20
------=_Part_3655_1333870634.1485854675601--