Apache 权限、PHP 文件创建、MKDir 失败 [英] Apache permissions, PHP file create, MKDir fail

问题描述

似乎我无法创建文件.当我将权限设置为 777 在文件夹上时，我试图在其中创建一个文件夹，然后脚本工作正常.如果文件夹设置为 755，则失败.我不太了解 linux，但我想弄清楚这些东西.我花了几个小时尝试一些东西.有谁知道如何使 apache 具有足够高的权限.

It seems i cannot create files. When i set permissions to 777 On the folder i am trying to create a folder in then the script works fine. If the folder is set to 755, it fails. I do not know much about linux, but i am suppose to figure this stuff out. I have spent a couple hours trying stuff. Does anyone know how to make it so that apache has high enough permissions.

我知道这是一个权限和 apache 问题，我只是不知道如何解决这个问题.我已经编辑了 httpd.conf 文件，但我真的不知道我在做什么...有什么帮助吗?(我保存了备份.)

I know it is a permissions and apache problem, i just do not know how to fix this. I have edited the httpd.conf file, but i really do not know what i am doing... Any help? (I saved backup.)

推荐答案

请停止建议使用 777.您正在使您的文件可供所有人写入，这几乎意味着您失去了所有安全性权限系统是为.如果您建议这样做，请考虑它可能对配置不当的网络服务器造成的后果:通过覆盖文件来入侵"网站会变得非常容易.所以，不要.

Please stop suggesting to use 777. You're making your file writeable by everyone, which pretty much means you lose all security that the permission system was designed for. If you suggest this, think about the consequences it may have on a poorly configured webserver: it would become incredibly easy to "hack" the website, by overwriting the files. So, don't.

Michael:您的脚本无法创建目录有一个完全可行的原因，运行 PHP(可能与 Apache 不同)的用户根本没有足够的权限来这样做.我认为您应该解决根本问题，而不是更改权限，这意味着您的文件拥有错误的所有者，或者 Apache 或 PHP 在错误的用户下运行.

Michael: there's a perfectly viable reason why your script can't create the directory, the user running PHP (that might be different from Apache) simply doesn't have sufficient permissions to do so. Instead of changing the permissions, I think you should solve the underlying problem, meaning your files have the wrong owner, or Apache or PHP is running under the wrong user.

现在，您似乎安装了自己的服务器.您可以通过运行一个调用大多数 linux 中安装的whoami"程序的简单脚本来确定哪个用户正在运行 PHP:

Now, it seems like you have your own server installed. You can determine which user is running PHP by running a simple script that calls the 'whoami' program installed in most linuxes:

<?php
echo `whoami`;

如果一切正常，您应该会看到运行 PHP 的用户名.根据您的操作系统，这可能是www-data"、nobody"、http"或任何变体.如果您的网站是唯一运行的网站，则可以通过更改运行 Apache 的用户来轻松更改.如果您有 Debian，就像我倾向于的那样，您可以编辑文件/etc/apache2/envvars(以 root 身份)，并更改 APACHE_RUN_USER 的值.根据您的操作系统，此变量可能设置在不同的配置文件中，因此如果您在/etc/apache2/envvars 中找不到它，请尝试使用以下命令搜索变量声明:

If all is right, you should see the username PHP is running under. Depending on your OS, this might be 'www-data', 'nobody', 'http', or any variation. If your website is the only website running, this is easy to change by changing the user Apache runs under. If you have Debian, like I tend to, you can edit the file /etc/apache2/envvars (as root), and change the value for APACHE_RUN_USER. Depending on your OS, this variable might be set in a different configuration file, so if you can't find it in /etc/apache2/envvars, try to search for the variable declaration by using:

$ grep -R "APACHE_RUN_USER=" .

从目录中所有 apache-config 文件都在.

From the directory all apache-config files are in.

如果您不是服务器上唯一的用户，您可能需要考虑为每个网站创建用户帐户，并使用 Apache2-MPM-ITK 之类的工具根据调用的网站更改 RUN_USER.此外，请确保运行 PHP 进程的用户是文件和目录的所有者.你可以通过使用 chown 来实现:

If you're not the only one on the server, you might want to consider creating user accounts for every website, and using something like Apache2-MPM-ITK to change the RUN_USER depending on which website is called. Also, make sure that the user the PHP process is running under is the owner of the files, and the directories. You can accomplish that by using chown:

% chown theuser:theuser -R /var/www/website/

如果 PHP 使用它自己的用户运行，并且是它需要写入的文件和目录的所有者，那么权限 700 就足够了.不过，我自己倾向于将 750 用于大多数文件，因为我通常在该组中有多个用户，并且他们可以拥有阅读权限.因此，您可以更改权限:

If PHP is running with it's own user, and is the owner of the files and directories it needs to write in, the permission 700 would be enough. I tend to use 750 for most files myself though, as I generally have multiple users in that group, and they can have reading permissions. So, you can change the permissions:

% chmod 0750 -R /var/www/website/

应该是这样.如果您遇到问题，请告诉我们，并且请不要接受任何本质上告诉您的建议:如果安全问题困扰着您，请移除安全措施.

That should be it. If you having issues, let us know, and please don't ever take up any advice that essentially tells you: if security is bothering you, remove the security.

这篇关于Apache 权限、PHP 文件创建、MKDir 失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！