Piwigo.org

You are not logged in. (Register / Login)

Announcement

#1 2017-01-03 02:30:01

djnoah
Member
Registered: 2016-12-30
Posts: 10

Upgrade failing due to permissions

Tags: [installation]

Hello/Hi/Greetings,

I am hoping to upgrade to 2.8.5 .  The automated upgrade procedure is failing.  I have about 40 files that are write protected.   What is the best ownership for these files?  Should I make the owner and group to match my apache user?

Piwigo version:  2.8.4
Operating system: Linux
PHP: 5.5.9-1ubuntu4.20 (Show info) [2016-12-30 20:51:32]
MySQL: 5.5.53-0ubuntu0.14.04.1 [2016-12-30 20:51:32]
Graphics Library: External ImageMagick 6.7.7-10

Offline

 

#2 2017-01-03 08:01:28

ddtddt
Piwigo Team
Location: Quetigny - France
Registered: 2007-07-27
Posts: 6634

Re: Upgrade failing due to permissions


You love Piwigo so don't hesitate to participate, learn more on the "Contribute to Piwigo" page. If you don't have much time for contribution, you can also help the project with a donation.

Offline

 

#3 2017-01-03 08:24:57

flop25
Piwigo Team
Registered: 2006-07-06
Posts: 6448
Website

Re: Upgrade failing due to permissions

djnoah wrote:

What is the best ownership for these files?  Should I make the owner and group to match my apache user?

Hello
usually yes
but that's a system administration issue, so the best for you would be to ask to the support of your environment


To get a better help : Politeness like Hello-A link-Your past actions precisely described
Check my extensions : more than 30 available
who I am and what I do : http://fr.gravatar.com/flop25
My gallery : an illustration of how to integrate Piwigo in your website

Offline

 

#4 2017-01-03 09:23:03

teekay
Member
Registered: 2013-06-12
Posts: 224

Re: Upgrade failing due to permissions

djnoah wrote:

What is the best ownership for these files?

That's a good question.

There is always a tradeoff between optimum webserver security and ease-of-administration. Restricting write-access to core installation files so the the webserver user cannot modify them is a good thing for security. But it means the administrator (you) has to do the upgrade manually (upload the files, and care for correct permissions).

A one-click upgrade function is great for ease-of-administration, but trades off some security, because the webserver needs write access to all installation files.

I'm NOT saying Piwigo's one-click upgrade is insecure, I use it myself on my server(s), because it makes my life easier. Though, I would _never_ allow this for that damned wordpress install I have to maintain for one of our sub-companies because that server is a security dead spot in an otherwhise banking-level high-security environment where there must not be a single chance the application could harm the server it runs on in any way, even when it runs in it's own DMZ surrounded by a palo alto DPI-firewall watching every tcp packet that enters or leaves that machine. Long story short: you have to decide for yourself what the best ownership for these files is, or the hosting provider already made that decision for you :-)

Last edited by teekay (2017-01-03 09:24:19)

Offline

 

Board footer

Powered by FluxBB

github twitter facebook google+ newsletter Donate Piwigo.org © 2002-2017 · Contact