Linux /var/www/html 的权限

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/12414009/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-06 14:21:22  来源:igfitidea点击:

Permissions for /var/www/html

linuxapachepermissionssftp

提问by dicaeopolis

I have a virtual CentOS server with GoDaddy, and I'm having trouble setting up the permissions for /var/www/html.

我有一个带有 GoDaddy 的虚拟 CentOS 服务器,但在设置/var/www/html.

Users are not allowed to log in as root, or even add themselves to the rootgroup, so here's the corner I've painted myself into:

用户不能以 身份登录root,甚至不能将自己添加到root组中,所以这是我自己画的角落:

  • I changed its owner using the following command (I used the user:group that was in httpd.conf):

    chown -R apache:apache /var/www/html
    
  • I added my own user to the apachegroup:

    usermod -a -G apache myuser
    
  • I changed the permissions:

    chmod 777 /var/www/html -R
    
  • 我使用以下命令更改了它的所有者(我使用了 user:group 中的httpd.conf):

    chown -R apache:apache /var/www/html
    
  • 我将自己的用户添加到apache组中:

    usermod -a -G apache myuser
    
  • 我更改了权限:

    chmod 777 /var/www/html -R
    

This is the only way to give my SFTP account the ability to create, change, anddelete files in /var/www/html. 777! (The SFTP account uses the same credentials as the ssh account, which means for all intents and purposes they're the same, right?)

这是让我的 SFTP 帐户能够创建、更改删除/var/www/html. 第777章!(SFTP 帐户使用与 ssh 帐户相同的凭据,这意味着对于所有意图和目的,它们都是相同的,对吗?)

I'm obviously new to Linux server admin, but this seems ridiculously insecure. Is there a better way to do all this?

我显然是 Linux 服务器管理员的新手,但这似乎非常不安全。有没有更好的方法来做到这一切?

NoteThe website I'm planning on putting up here will allow file uploads, cron jobs, etc., so I'm guessing that will complicate the necessary permissions as well. Is that correct?

注意我打算在这里建立的网站将允许文件上传、cron 作业等,所以我猜这也会使必要的权限复杂化。那是对的吗?

UpdateUsing 775 does not appear to work; I can upload/overwrite files, but when I just try to delete them, FileZilla gives me this error:

使用 775更新似乎不起作用;我可以上传/覆盖文件,但是当我尝试删除它们时,FileZilla 给了我这个错误:

rm /var/www/html/index.php: permission denied

rm /var/www/html/index.php: 权限被拒绝

I have no idea why, but changing back to 777 "fixes" this.

我不知道为什么,但改回 777“修复”了这个。

回答by Jon Lin

You just need 775for /var/www/htmlas long as you are logging in as myuser. The 7octal in the middle (which is for "group" acl) ensures that the group has permission to read/write/execute. As long as you belong to the group that owns the files, "myuser" should be able to write to them. You may need to give group permissions to all the files in the docuemnt root, though:

你只需要775/var/www/html,只要你是在为myuser的记录。7中间的八进制(用于“组”acl)确保该组具有读/写/执行权限。只要您属于拥有这些文件的组,“myuser”就应该能够写入它们。但是,您可能需要为文档根目录中的所有文件授予组权限:

chmod -R g+w /var/www/html

回答by koryo

I have just been in a similar position with regards to setting the 777 permissions on the apache website hosting directory. After a little bit of tinkering it seems that changing the group ownership of the folder to the "apache" group allowed access to the folder based on the user group.

关于在 apache 网站托管目录上设置 777 权限,我刚刚处于类似的位置。经过一些修补后,似乎将文件夹的组所有权更改为“apache”组允许访问基于用户组的文件夹。

1) make sure that the group ownership of the folder is set to the group apache used / generates for use. (check /etc/groups, mine was www-data on Ubuntu)

1)确保文件夹的组所有权设置为apache使用/生成使用的组。(检查 /etc/groups,我的是 Ubuntu 上的 www-data)

2) set the folder permissions to 774 to stop "everyone" from having any change access, but allowing the owner and group permissions required.

2) 将文件夹权限设置为 774 以阻止“每个人”具有任何更改访问权限,但允许所需的所有者和组权限。

3) add your user account to the group that has permission on the folder (mine was www-data).

3)将您的用户帐户添加到对该文件夹具有权限的组(我的是www-data)。

回答by Mustafa Omar

log in as root user:

以 root 用户身份登录:

sudo su

password:

then go and do what you want to do in var/www

然后在 var/www 中做你想做的事