Support

J.T. · #1 06-09-2010, 02:48 AM

Hi,

I can't seem to get this right.

When a script needs write access to a folder, for example for sessions or error logs, in apache I simply chown-ed them apache:apache and left them chmod 755.

Now with Litespeed, I can't figure out who executes the script.

In the server-wide settings I have:

Running As user(nobody) : group(nobody)

In the VH:

ExtApp Set UID Mode DocRoot UID

The owner of the docroot of that VH happens to be lsadm:lsadm

So I figured by either making the folder I intend to have PHP write in owned by nobody:nobody or lsadm:lsadm I'd be able to write in it when it's chmod 755. But somehow, I need to up that to 777 for it to work. And I don't like 777.

How can I figure out who runs the PHP process and should therefore be the owner of a folder in order to write to it?

What are the recommended ownership settings for LSWS?

J.T. · #2 06-09-2010, 03:01 AM

I just found out that get_current_user = lsadm and getmyuid is 100, which in /etc/passwd equates to lsadm indeed. So if the script is run by lsadm, which can't the script write to a file owned by lsadm?

NiteWave · #3 06-09-2010, 04:45 AM

I did some tests locally, to enable

Quote:

VH:
ExtApp Set UID Mode DocRoot UID

need define a vhost level lsphp5 ExtApp first, say "lsphp5_vh" as its name.

then in vhost "Script Handler", select this lsphp5_vh to handle php.

if select lsphp extApp defined in server level, lsphp will run as server uid/gid, i.e., nobody in this case.

J.T. · #4 09-15-2010, 03:41 AM

Hi,

This issue is still present.

I have exactly what you say, with a VHost level script handler which has a name different from the default. It handles PHP. The DocRoot UID is owned by lsadm:lsadm and a file further down the document tree is also owned by lsadm:lsadm

In the PHP script I echo get_current_user() and this confirms it's lsadm. The script tries to write to a cache folder again owned by lsadm:lsadm but it can't. Only when I chmod the cache folder recursively 777 it works. 755 doesn't work either.

What can I be overlooking?

NiteWave · #5 09-15-2010, 10:08 AM

echo umask() while echo get_current_user()

mmaama · #6 09-19-2010, 06:57 AM

Try compiling Litespeed with phpsuexec, i had the very same issue and that's the way i fixed it.

mistwang · #7 09-21-2010, 09:29 AM

Quote:

Originally Posted by J.T.

In the PHP script I echo get_current_user() and this confirms it's lsadm. The script tries to write to a cache folder again owned by lsadm:lsadm but it can't. Only when I chmod the cache folder recursively 777 it works. 755 doesn't work either.

Does your server use a special secure kernel? Or something special with PHP? Sohusin?

try

Code:

sudo -u lsadm touch test_file

under that directory, see if it has permission issue or not.