90 lines
3.8 KiB
HTML
90 lines
3.8 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en-us" dir="ltr">
|
|
<head><script src="/livereload.js?mindelay=10&v=2&port=1313&path=livereload" data-no-instant defer></script>
|
|
<meta charset="utf-8" />
|
|
<meta name="viewport" content="width=device-width" />
|
|
<title>
|
|
Permissions strike again | Coding with Andrzej
|
|
</title>
|
|
<link rel="alternate" type="application/rss+xml" href="http://localhost:1313//index.xml" title="Coding with Andrzej">
|
|
|
|
|
|
|
|
|
|
|
|
<link rel="stylesheet" href="/css/main.css" />
|
|
|
|
|
|
<link rel="stylesheet" href="/css/syntax.css" />
|
|
|
|
|
|
<link rel="stylesheet" href="/css/defaults.css" />
|
|
|
|
|
|
|
|
|
|
|
|
<script src="/js/main.js"></script>
|
|
|
|
|
|
</head>
|
|
<body>
|
|
<header>
|
|
<a href=http://localhost:1313/><h1>Coding with Andrzej</h1></a>
|
|
|
|
<nav>
|
|
<ul>
|
|
<li>
|
|
<a href="/">Home</a>
|
|
</li>
|
|
<li>
|
|
<a aria-current="true" class="ancestor" href="/posts/">Posts</a>
|
|
</li>
|
|
<li>
|
|
<a href="/tags/">Tags</a>
|
|
</li>
|
|
</ul>
|
|
</nav>
|
|
|
|
|
|
</header>
|
|
<main>
|
|
|
|
|
|
<h1>Permissions strike again</h1>
|
|
|
|
<time datetime="2024-11-13T11:53:13+01:00">November 13, 2024</time>
|
|
|
|
<p>Configuring Apache really isn’t rocket science. There are a wealth of great tutorials online, the documentation is very well documented, and the defaults work more or less out of the box. But it’s one of those jobs that I do just infrequently enough that I always forget things in the interim, and end up making the same old mistakes.</p>
|
|
<p><em><strong>And it almost always has to do with permissions.</strong></em></p>
|
|
<p>So, I’m writing this post both as a means of christening this devlog (<a href="https://demos.ajstepien.xyz">Hi! I’m Andrzej! Hire me!</a>) and also as a reminder to myself that <em>the home folder is not executable by default.</em></p>
|
|
<p>Please, Andrzej. Please. The next time you’re building a website, be it for a client or for yourself, and you find yourself scratching your head, wondering what error you may have made in the <code>.confs</code>, checking the permissions of your symlink again and again, ask yourself: is my symlink pointing to a directory in the home folder? Because Apache can’t open the home folder until you change the permissions!</p>
|
|
<h2 id="what">What?</h2>
|
|
<p>In Linux we open directories by ’executing’ them. A directory is an executable that maps part of the file-system for us. Now, by default, the home directory is only executable by its owner. This makes sense when you think about it – you don’t want your sister, or co-worker, or (more likely) whatever barely-audited application you’re installing today, to be able to open that directory. But you probably <em>do</em> want your webserver to be able to open it, especially if you are symlinking to it from <code>/var/www</code> or wherever.</p>
|
|
<p>There are lots of reasons why you’d want to deploy to the home directory of an unprivileged user. I do this exact same thing with <a href="https://jenkins.io">Jenkins</a>, and I wasted an hour troubleshooting this exact same problem when I set up that server too.</p>
|
|
<p>So, Andrzej of the future (did anyone non-ghoulish win an election yet?), for future reference, let’s say you’re deploying to <code>/home/devlog/website</code>:</p>
|
|
<ol>
|
|
<li>Add Apache to the ‘devlog’ user group.</li>
|
|
</ol>
|
|
<pre tabindex="0"><code>sudo usermod -aG devlog www-data
|
|
</code></pre><ol start="2">
|
|
<li>Change the permissions on /home/devlog to allow group members to open it.</li>
|
|
</ol>
|
|
<pre tabindex="0"><code>sudo chmod 710 /home/devlog
|
|
</code></pre><p>IT’S THAT EASY.</p>
|
|
|
|
<div>
|
|
<div>Tags:</div>
|
|
<ul class="post-tags">
|
|
<li><a href="/tags/linux/">Linux</a></li>
|
|
</ul>
|
|
</div>
|
|
|
|
</main>
|
|
<footer>
|
|
<p>Copyright 2024. All rights reserved.</p>
|
|
|
|
</footer>
|
|
</body>
|
|
</html>
|