Difference between revisions of "Setup:Installation Guide/Security Settings/File System Permissions"
← Setup:Installation Guide/Security Settings/File System Permissions
| [unchecked revision] | [quality revision] |
(Tag: 2017 source edit) |
Contents
For trouble-free usage of your BlueSpice installation, the web server requires write permissions to several folders of the file system. However, it is recommended to keep the rights for all other files and folders to a minimum. This document shows you the relevant folders and the correct permissions correct permissions setting.
Tips for this Document[edit | edit source]
- Please, read this manual completely and work through the single installation steps one after another.
- For editing For editing the configuration files with a text editor, the files must be saved in saved in UTF-8 coding without BOM BOM (Byte Order Mark).
-
The placeholder stands placeholder
stands for the path to your BlueSpice installation, e.g gC:\inetpub\wwwroot\bluespice(Windows) or or/var/www/bluespice(Linux).
Affected FoldersAffected Folders[edit | edit source]
The folders, which require write permissions, are:
-
<installpath-bluespice>/cache -
<installpath-bluespice>/images -
<installpath-bluespice>/extensions/BlueSpiceFoundation/config -
<installpath-bluespice>/extensions/BlueSpiceFoundation/data -
<installpath-bluespice>/extensions/Widgets/compiled_templates (only BlueSpice only BlueSpice pro)
Assignment of Permissions with Windows[edit | edit source]
Assign "change" rights for this folder for the local user "Everyone".
Assignment of Permissions with Linux[edit | edit source]
Here you can assign rights much more strictly, which is also recommended. Transfer the directory directory <installpath-bluespice> recursively recursively to the user root (CHMOD for Files for Files 644, CHMOD for Directories for Directories 755) and after this, transfer the mentioned directory recursively to the user and the group, under which the Apache Web Server runs (Debian/Ubuntu e.g. "www-data").
In the following, we provide a bash script, which works through this tasks for you with only one command.
To do so, create the file /usr/local/bin/chownWiki setWikiPerm and copy the following code into this file:
#!/bin/bash
WWW_USER="www-data"
WWW_GROUP="www-data"
WWW_HOME=`eval echo ~$WWW_USER`
WWW_CFG=$WWW_HOME/.config
if [ $# -eq 0 ]; then
echo "You must enter the path of your MediaWiki installation."
exit
elif [ ! -d $1 ]; then
echo "$1 does not exist or is no path."
exit
fi
if [ ! -f $1/LocalSettings.php ]; then
echo "$1 contains no Localsettings.php"
exit
fi
PATH=`echo "$1" | sed -e 's#/$##'`
/usr/bin/find $PATH -type d -exec /bin/chmod 755 {} \;
/usr/bin/find $PATH -type f -exec /bin/chmod 644 {} \;
/bin/chown -R root:root $PATH
pathes=(
"$PATH/cache" \
"$PATH/images" \
"$PATH/_sf_archive" \
"$PATH/_sf_instances" \
"$PATH/extensions/BlueSpiceFoundation/data" \
"$PATH/extensions/BlueSpiceFoundation/config" \
"$PATH/extensions/Widgets/compiled_templates" \
)
for i in "${pathes[@]}"; do
if [ -d $i ]; then
/bin/chown -R $WWW_USER:$WWW_GROUP $i
fi
done
if [ ! -d $WWW_CFG ]; then
/bin/mkdir $WWW_CFG
fi
/bin/chown -R $WWW_USER:$WWW_GROUP $WWW_CFG
/usr/bin/chmodfind 755 $PATH/extensions/SyntaxHighlight_GeSHi/pygments/ -iname 'create_pygmentize_bundle' -exec /bin/chmod 755 +x {} \;
/usr/bin/find $PATH/extensions/SyntaxHighlight_GeSHi/pygments/pygmentize
-iname 'pygmentize' -exec /bin/chmod +x {} \;
/usr/bin/find $PATH/extensions -name 'lua' -type f -exec /bin/chmod 755 {} \;
If needed, replace the content of the variables variables
WWW_USER="www-data" WWW_GROUP="www-data"
with the approprate user and group of your distribution.
After this, assign CHMOD 755 to this file. Now you can run the script and let it do the complete permission setting automatically with the following command:
chownWikisetWikiPerm <installpath-bluespice>
|
Note that when the update.php is executed on the console, the rights can be partially discarded. For this reason, set the rights to "update.php" again. |