top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Apache umask to get 775 file permissions

0 votes
787 views

I got an cgi-script which is creating a file. This file need 775 permissions (rwxrwxr-x). I need to get the apache to create this file with 775 permissions.

I researched, but 90% of all those solutions doesn't work for me or those "init scripts" doesn't even exists on my openSUSE 13.1 64-Bit.

I found out, that /usr/sbin/apache2 should be my "init script". I added umask 002 there, but it doesn't changed anything. I still have rw-r--r-- instead of rwxrwxr-x permissions.

Please help me out?

posted Jul 28, 2014 by Kaushik

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

At the start of the script, change the umask?

If it is a cgi binary and you cannot modify it, wrap it in a cgi-script that you can modify.

answer Jul 29, 2014 by Amit Mishra
Similar Questions
0 votes

I have a an htpasswd file that I want to have locked down so that it cannot be read on the filesystem by anyone other than the owner and Apache. Apache is version 2.2.3 running on RedHat Linux 5.9.

The permissions I have set are as follows:

drwxr-xr-x 6 root root 4096 May 7 10:19 /www
drwxrwxr-x 3 webowner apache 4096 May 7 10:03 /www/etc
drwxrwxr-x 4 webowner apache 4096 Jun 7 18:01 /www/etc/apache
drwxrwx--- 6 webowner apache 4096 Jun 7 18:01 /www/etc/apache/config
-rw-rw---- 1 webowner apache 123 Jun 7 18:01 /www/etc/apache/config/htpasswd

The httpd server starts as root and runs under the apache account as a member of the apache group. Under this permission structure, the web server will prompt the user for authentication, but throws an internal server error after the attempted login.

The error log shows this:

[Wed Jul 03 10:58:12 2013] [error] [client 127.0.0.1] (13)Permission denied: Could not open password file: /www/etc/apache/config/htpasswd
[Wed Jul 03 10:58:12 2013] [crit] [client 127.0.0.1] configuration error: couldn't check user. No user file?: /restricted/testfile.html

If I give read access to others on htpasswd (chmod o+r) and the config directory (chmod o+rx), there's no more internal server error. Changing the owner from webowner to apache also resolves the issue. However, neither of these options meets my needs in terms of file-security.

+1 vote

How is activemq installed from apt different from activemq downloaded from apache?

I installed activemq but was unable to enter the console...and all the doc's on apache approach from the assumption that you've downloaded directly.

Any thoughts?

+1 vote

what is the location of .htaccess file in apache. I tried searching for it find . -name ".htaccess" but returns no result

0 votes

Running Apache 2.4.7 and current configuration limiting access to a directory to only clients that can provide a trusted client certificate. Server is SSL host. Would like to modify configuration to allow "local" clients (127.0.0.1, etc. as defined by Require local auth provider) to access the directory without authenticating with a client certificate. So the local host may access the directory without SSL client auth, but all others must authenticate with a client certificate or access is forbidden. What is the best/proper way to do this?

I would like to use modern directives (avoiding Allow, Deny, Order etc. from mod_access_compat) but I am not clear how to combine Require related directives with mod_ssl options like SSLVerifyClient.

Thanks in advance?

...