How to change default permission for uploaded files in apache with mounted webroot

apache-2.2file-permissions

I have an ubuntu server 11.10 with apache 2.2.20, php 5.3.6 and an installation of Joomla cms. I have used an extra hard disk as my web server storage and mounted it into /data/www/ (I hope it's not where my problem us!).

I've set permission of all files and folders in my web root to 755 and user groups for them is set to [default ubuntu user(in my case radio)]:www-data.

In past days I had serious problems with joomla not showing new uploaded images and other files and also I can't install any extensions. After hours of searching I found out that uploaded files don't have appropriate permission (they are -rw——-) and Joomla application cannot read, copy or move them after upload.

I’m wondering how can I set a default permission so all files that I upload use it?

PS: I’ve tested umask but it did nothing. I think it has nothing to do with my problem.

Best Answer

You mentioned that you tried umask and it didn't work but your problem sounds exactly like a umask one. Maybe you can revisit that?

There are two gotchas that you may have encountered that could have resulted in you thinking that umask wasn't the issue:

  • You need to change the umask of the user who is uploading the files, in most cases on your own server (rather than shared hosting) this will be the webserver user; www-data on Ubuntu.
  • You must change the umask for the user in the login scripts or in the apache startup script, simply running it while in a SSH session will not affect anything as it will only be active for that session.

Note that having group/world read permission on www-data owned files is bad - any other web app (so basically anything on the server) will be able to read things like config files with database passwords, etc. A better solution is mod_suexec but then you have to go configure PHP in CGI mode and Apache MPM worker, it's a bit more involved.

Related Topic