73 lines
3.5 KiB
HTML
73 lines
3.5 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en-us" dir="ltr">
|
|
<head><script src="/livereload.js?mindelay=10&v=2&port=1313&path=livereload" data-no-instant defer></script>
|
|
<meta charset="utf-8" />
|
|
<meta name="viewport" content="width=device-width" />
|
|
<title>
|
|
Permissions Strike Again | CODING WITH ANDRZEJ
|
|
</title>
|
|
|
|
<link rel="stylesheet" href="/css/main.css" />
|
|
<link rel="stylesheet" href="/css/syntax.css" />
|
|
|
|
<script src="/js/main.js"></script>
|
|
|
|
|
|
</head>
|
|
<body>
|
|
<header>
|
|
<h1>CODING WITH ANDRZEJ</h1>
|
|
|
|
<nav>
|
|
<ul>
|
|
<li>
|
|
<a href="/">Home</a>
|
|
</li>
|
|
<li>
|
|
<a aria-current="true" class="ancestor" href="/posts/">Posts</a>
|
|
</li>
|
|
<li>
|
|
<a href="/tags/">Tags</a>
|
|
</li>
|
|
</ul>
|
|
</nav>
|
|
|
|
|
|
</header>
|
|
<main>
|
|
|
|
<h1>Permissions Strike Again</h1>
|
|
|
|
|
|
|
|
<time datetime="2024-11-13T11:53:13+01:00">November 13, 2024</time>
|
|
|
|
<p>Configuring Apache really isn’t rocket science. There are a wealth of great tutorials online, the documentation is very well documented, and the defaults work more or less out of the box. But it’s one of those jobs that I do just infrequently enough that I always forget things in the interim, and end up making the same old mistakes.</p>
|
|
<p><em><strong>And it almost always has to do with permissions.</strong></em></p>
|
|
<p>So, I’m writing this post both as a means of christening this devlog (<a href="https://demos.ajstepien.xyz">Hi! I’m Andrzej! Hire me!</a>) and also as a reminder to myself that <em>the home folder is not executable by default.</em></p>
|
|
<p>Please, Andrzej. Please. The next time you’re building a website, be it for a client or for yourself, and you find yourself scratching your head, wondering what error you may have made in the <code>.confs</code>, checking the permissions of your symlink again and again, ask yourself: is my symlink pointing to a directory in the home folder? Because Apache can’t open the home folder until you change the permissions!</p>
|
|
<h2 id="what">What?</h2>
|
|
<p>In Linux we open directories by ’executing’ them. A directory is an executable that lists part of file-system for us, basically. Now, by default, the home directory is only executable by its owner. This makes sense when you think about it – you don’t want your sister, or co-worker, or (more likely) whatever barely-audited application you’re installing today, to be able to open that directory. But you probably do want your webserver to be able to open it, especially if you are symlinking to it from <code>/var/www</code>.</p>
|
|
<p><a href="https://gohugo.io/">Hugo</a> (the framework I’m using to build this blog) likes to deploy to the home directory by default. In fact there are lots of reasons why you’d want to deploy there. I do this exact same thing with <a href="https://jenkins.io">Jenkins</a>, and I wasted an hour troubleshooting this exact same problem when I set up that server too.</p>
|
|
<p>So, Andrzej of the future (did anyone non-ghoulish win an election yet?), for future reference, let’s say you’re deploying to <code>/home/devlog/website</code>:</p>
|
|
<ol>
|
|
<li>Add Apache to the ‘devlog’ user group.</li>
|
|
</ol>
|
|
<pre tabindex="0"><code>sudo usermod -aG devlog www-data
|
|
</code></pre><ol start="2">
|
|
<li>Change the permissions on /home/devlog to allow group members to open it.</li>
|
|
</ol>
|
|
<pre tabindex="0"><code>sudo chmod 710 /home/devlog
|
|
</code></pre><p>IT’S THAT EASY.</p>
|
|
|
|
|
|
|
|
|
|
</main>
|
|
<footer>
|
|
<p>Copyright 2024. All rights reserved.</p>
|
|
|
|
</footer>
|
|
</body>
|
|
</html>
|