🌍
English
Announcement
- [2024-04-17] Piwigo 14.4.0
- [2024-04-01] Piwigo in Hobbit runes
- [2024-03-01] Piwigo 14.3.0
- [2024-01-30] Piwigo 14.2.0
- [2023-12-29] Piwigo 14.1.0
#1 2017-01-03 02:30:01
- djnoah
- Member
- 2016-12-30
- 15
Upgrade failing due to permissions
Hello/Hi/Greetings,
I am hoping to upgrade to 2.8.5 . The automated upgrade procedure is failing. I have about 40 files that are write protected. What is the best ownership for these files? Should I make the owner and group to match my apache user?
Piwigo version: 2.8.4
Operating system: Linux
PHP: 5.5.9-1ubuntu4.20 (Show info) [2016-12-30 20:51:32]
MySQL: 5.5.53-0ubuntu0.14.04.1 [2016-12-30 20:51:32]
Graphics Library: External ImageMagick 6.7.7-10
Offline
#2 2017-01-03 08:01:28
- ddtddt
- Piwigo Team
- Quetigny - France
- 2007-07-27
- 7207
Re: Upgrade failing due to permissions
You love Piwigo so don't hesitate to participate, learn more on the "Contribute to Piwigo" page. If you don't have much time for contribution, you can also help the project with a donation.
Offline
#3 2017-01-03 08:24:57
- flop25
- Piwigo Team
- 2006-07-06
- 7037
Re: Upgrade failing due to permissions
djnoah wrote:
What is the best ownership for these files? Should I make the owner and group to match my apache user?
Hello
usually yes
but that's a system administration issue, so the best for you would be to ask to the support of your environment
To get a better help : Politeness like Hello-A link-Your past actions precisely described
Check my extensions : more than 30 available
who I am and what I do : http://fr.gravatar.com/flop25
My gallery : an illustration of how to integrate Piwigo in your website
Offline
#4 2017-01-03 09:23:03
- teekay
- Member
- 2013-06-12
- 427
Re: Upgrade failing due to permissions
djnoah wrote:
What is the best ownership for these files?
That's a good question.
There is always a tradeoff between optimum webserver security and ease-of-administration. Restricting write-access to core installation files so the the webserver user cannot modify them is a good thing for security. But it means the administrator (you) has to do the upgrade manually (upload the files, and care for correct permissions).
A one-click upgrade function is great for ease-of-administration, but trades off some security, because the webserver needs write access to all installation files.
I'm NOT saying Piwigo's one-click upgrade is insecure, I use it myself on my server(s), because it makes my life easier. Though, I would _never_ allow this for that damned wordpress install I have to maintain for one of our sub-companies because that server is a security dead spot in an otherwhise banking-level high-security environment where there must not be a single chance the application could harm the server it runs on in any way, even when it runs in it's own DMZ surrounded by a palo alto DPI-firewall watching every tcp packet that enters or leaves that machine. Long story short: you have to decide for yourself what the best ownership for these files is, or the hosting provider already made that decision for you :-)
Last edited by teekay (2017-01-03 09:24:19)
Offline