Permissions Strike Again
+Permissions strike again
@@ -59,8 +59,8 @@So, I’m writing this post both as a means of christening this devlog (Hi! I’m Andrzej! Hire me!) and also as a reminder to myself that the home folder is not executable by default.
Please, Andrzej. Please. The next time you’re building a website, be it for a client or for yourself, and you find yourself scratching your head, wondering what error you may have made in the .confs, checking the permissions of your symlink again and again, ask yourself: is my symlink pointing to a directory in the home folder? Because Apache can’t open the home folder until you change the permissions!
What?
-In Linux we open directories by ’executing’ them. A directory is an executable that lists part of file-system for us, basically. Now, by default, the home directory is only executable by its owner. This makes sense when you think about it – you don’t want your sister, or co-worker, or (more likely) whatever barely-audited application you’re installing today, to be able to open that directory. But you probably do want your webserver to be able to open it, especially if you are symlinking to it from /var/www.
Hugo (the framework I’m using to build this blog) likes to deploy to the home directory by default. In fact there are lots of reasons why you’d want to deploy there. I do this exact same thing with Jenkins, and I wasted an hour troubleshooting this exact same problem when I set up that server too.
+In Linux we open directories by ’executing’ them. A directory is an executable that maps part of the file-system for us. Now, by default, the home directory is only executable by its owner. This makes sense when you think about it – you don’t want your sister, or co-worker, or (more likely) whatever barely-audited application you’re installing today, to be able to open that directory. But you probably do want your webserver to be able to open it, especially if you are symlinking to it from /var/www or wherever.
There are lots of reasons why you’d want to deploy to the home directory of an unprivileged user. I do this exact same thing with Jenkins, and I wasted an hour troubleshooting this exact same problem when I set up that server too.
So, Andrzej of the future (did anyone non-ghoulish win an election yet?), for future reference, let’s say you’re deploying to /home/devlog/website:
- Add Apache to the ‘devlog’ user group. diff --git a/public/tags/linux/index.html b/public/tags/linux/index.html index 30d7038..9c5be0e 100644 --- a/public/tags/linux/index.html +++ b/public/tags/linux/index.html @@ -65,7 +65,7 @@
-
-
Permissions Strike Again
+Permissions strike again
Configuring Apache really isn’t rocket science. There are a wealth of great tutorials online, the documentation is very well documented, and the defaults work more or less out of the box. But it’s one of those jobs that I do just infrequently enough that I always forget things in the interim, and end up making the same old mistakes.
And it almost always has to do with permissions.
So, I’m writing this post both as a means of christening this devlog (Hi! I’m Andrzej! Hire me!) and also as a reminder to myself that the home folder is not executable by default.
diff --git a/public/tags/linux/index.xml b/public/tags/linux/index.xml index 683033f..1458939 100644 --- a/public/tags/linux/index.xml +++ b/public/tags/linux/index.xml @@ -16,7 +16,7 @@<p><strong>I had a bit of an issue with my <a href="https://demos.ajstepien.xyz">website</a> recently.</strong></p> <p>I pushed some changes incorporating images for the first time (I know – very swish, very modern), and everything seemed to be working just fine, but when I loaded the production site in Firefox… the images were not styled. Stranger still, they <em>were</em> styled when I loaded the same page in Chrome.</p> <p>The experienced computer touchers amongst you will be saying “this is obviously a cache problem”, and you’re right, it is obviously a cache problem. Pressing <code>CTR + SHIFT + R</code> (which forces Firefox to clear the cache and do a full reload) proved this thesis, and solved the immediate problem for me, on my machine. But what about other people’s machines? <strong>I needed to cache-bust.</strong></p>