create directory in other domain

[Andrey]

Hi!

I have 2 sites in same server (it is dedicated one not shared)

I need to create a directory in one site by using perl-script on other
site.

Then I try to create a new directory I got error "Permission denied".
But then I try to create directory in same directory it works fine.
(Parent's directory access is OK 0777 )

I guess there some setting in httpd.conf (or somewhere else ) that
perform that "protection".

Thanks!

 

[j.keßler]

Hi!

I have 2 sites in same server (it is dedicated one not shared)

I need to create a directory in one site by using perl-script on other
site.

Then I try to create a new directory I got error "Permission denied".
But then I try to create directory in same directory it works fine.
(Parent's directory access is OK 0777 )

I guess there some setting in httpd.conf (or somewhere else ) that
perform that "protection".

Thanks!

Hello,

as far as I understand, those are perl script which are run by the webserver.

Could it be that the two different domains are run by two different system
users ?

regrads,
j.keßler

 

[J. Gleixner]

Hi!

I have 2 sites in same server (it is dedicated one not shared)

I need to create a directory in one site by using perl-script on other
site.

Why do you feel you need to do that?

Then I try to create a new directory I got error "Permission denied".
But then I try to create directory in same directory it works fine.
(Parent's directory access is OK 0777 )

How are you trying to do that?

I guess there some setting in httpd.conf (or somewhere else ) that
perform that "protection".

Make sure you're in the correct directory, when you try to create
a directory. Add that to the error message, to show what
directory the process is in.

Make sure the ID that's running the Web server process, can
create a directory there.

Making a directory 777, under your DOCUMENT_HOME, typically
isn't 'OK'. Make it writable by the owner of the Web
server's process, or by a group, but not by other.

Finally, show us your code. Make it as short as possible and
possibly the permissions on the directory in question.

 

[Andrey]

Hello,

as far as I understand, those are perl script which are run by the webserver.

Could it be that the two different domains are run by two different system
users  ?

regrads,
j.keßler

Yes, these domains are run by two different users.

 

[Andrey]

Why do you feel you need to do that?

This is a part of big and comoplex CMS.

How are you trying to do that?

my $dir = "/var/www/vhosts/site1/..../upload/test_mkdir";
mkdir($dir);
And this command makes error too:
if (-d $dir) ...

Make sure you're in the correct directory, when you try to create
a directory.  Add that to the error message, to show what
directory the process is in.

I trying to make new dir with absolute path. I mean it starts with "/
var/..."

Make sure the ID that's running the Web server process, can
create a directory there.

The 'upload' directory have 0777 rights. I think it is enough. Isn't
it?

Making a directory 777, under your DOCUMENT_HOME, typically
isn't 'OK'.  Make it writable by the owner of the Web
server's process, or by a group, but not by other.

Finally, show us your code.  Make it as short as possible and
possibly the permissions on the directory in question.

It is deep nested directory. I mean DOCUMENT_ROOT/dir1/dir2/dir3/
upload/test_mkdir
I know that 0777 isn't good. I give 0777 rights to eliminate other
access errors.
So only 'upload' directory have 0777.

 

[j.keßler]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is a part of big and comoplex CMS.




my $dir = "/var/www/vhosts/site1/..../upload/test_mkdir";
mkdir($dir);
And this command makes error too:
if (-d $dir) ...




I trying to make new dir with absolute path. I mean it starts with "/
var/..."




The 'upload' directory have 0777 rights. I think it is enough. Isn't
it?



It is deep nested directory. I mean DOCUMENT_ROOT/dir1/dir2/dir3/
upload/test_mkdir
I know that 0777 isn't good. I give 0777 rights to eliminate other
access errors.
So only 'upload' directory have 0777.

well, it lokks for me, that there is no "big" mistake.

So it could be a webserver setting, which I can't think of....

regards,
j. keßler
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAkplb2oACgkQE++2Zdc7EtdBQwCfY12kIdyY0M/KGYRAD1ln2ejr
5VAAnRwfv4EwIOynelt6mVuvNnaYjM/W
=sYSS
-----END PGP SIGNATURE-----

 

[Andrey]

Thank you all!

Problem solved!

I have added "execute" rights for group to my DOCUMENT_ROOT (chmod g+x)

 

[linuxlover]

[...]

my $dir = "/var/www/vhosts/site1/..../upload/test_mkdir";
mkdir($dir);
And this command makes error too:
if (-d $dir) ...
[...]

The 'upload' directory have 0777 rights. I think it is enough. Isn't
it?
[...]

It is deep nested directory. I mean DOCUMENT_ROOT/dir1/dir2/dir3/
upload/test_mkdir
I know that 0777 isn't good. I give 0777 rights to eliminate other
access errors.
So only 'upload' directory have 0777.

Apart from the permission to create a new directory in /var/www/vhosts/
site1/..../upload/ (for which you need 'w' permission in the directory
mode), the process that calls the mkdir also needs access to enter
that directory, so for each step in /, /var, /var/www/, /var/www/
vhosts/, /var/www/vhosts/site1/, /var/www/vhosts/site1/..../upload/
you need 'x' permission.

 

[Petr Vileta \fidokomik\]

Yes, these domains are run by two different users.

When domain 1 is running under user say "web1" and domain 2 under user "web2"
then you can add user "web2" as member of group "web1" and vice-versa. In other
words:

group members

 

[Andrey]

Then I try to create a new directory I got error "Permission denied".

[...]

my $dir = "/var/www/vhosts/site1/..../upload/test_mkdir";
mkdir($dir);
And this command makes error too:
if (-d $dir) ...

I guess there some setting in httpd.conf (or somewhere else ) that
perform that "protection".

[...]

The 'upload' directory have 0777 rights. I think it is enough. Isn't
it?
[...]

It is deep nested directory. I mean DOCUMENT_ROOT/dir1/dir2/dir3/
upload/test_mkdir
I know that 0777 isn't good. I give 0777 rights to eliminate other
access errors.
So only 'upload' directory have 0777.

Apart from the permission to create a new directory in /var/www/vhosts/
site1/..../upload/ (for which you need 'w' permission in the directory
mode), the process that calls the mkdir also needs access to enter
that directory, so for each step in /, /var, /var/www/, /var/www/
vhosts/, /var/www/vhosts/site1/, /var/www/vhosts/site1/..../upload/
you need 'x' permission.

That is the feature which I didn't know. Shame on me
I have set 'x' permissions to DOCUMENT_ROOT and now it works fine.
Thanks for answer