File Access Rights on Unix and Linux

One of the most common problems people ask about is how to set-up the file access rights in Linux/Unix.

This small topic answers this question by giving you the exact shell commands that set the access rights correctly for your entire TWiki directory tree.

This topic is valid for TWiki Release 4.0.X

The script below does 2 things

• It changes the owner of the entire directory tree to the user that apache is run as. Apache is normally started as root and then forks out several child processes that do all the work. These child processes run as a user with very few privileges on the system. The name of the user is given by the directives User and Group in httpd.conf. Various distributions have their own ideas what this user should be. In Redhat/Fedora/Centos the user name is apache and the group is also apache. Other distributions use nobody or wwwdata.
• It changes the access rights to all the files in the twiki tree to the same as it is shipped in the tgz. When you upgrade using the TWiki-VERSION-changed.zip you run into the problem that zip files contain no user rights so the default right are used. The script below takes care of this.

In the script below I assume your TWiki tree is /var/www/twiki and the apache user/group is apache.

First we move to the right directory and change ownership

cd /var/www
chown -R apache:apache twiki
cd twiki

Make sure your current working directory is the bottom of the twiki tree. The next step changes the access rights. You can copy one line at a time or copy the entire next block of text and paste it to a command line. The script prints everything it does so expect to see a lot of output. If you do not want that remove all the -v.

find . -type d -print -exec chmod -v 755 {} \;
find data -name '*.txt' -type f -exec chmod -v 660 {} \;
find data pub -name '*,v' -type f -exec chmod -v 440 {} \;
find lib -name '*.pm' -type f -exec chmod -v 440 {} \;
find locale -type f -exec chmod -v 440 {} \;
find pub -type f -exec chmod -v 660 {} \;
find pub/TWiki/WysiwygPlugin/_kupu -type f -exec chmod -v 440 {} \;
find bin -type f -exec chmod -v 550 {} \;
find bin/logos -type f -exec chmod -v 440 {} \;
find templates -type f -exec chmod -v 440 {} \;
find tools -type f -exec chmod -v 550 {} \;
chmod -v 660 lib/LocalSite.cfg
chmod -v 660 data/.htpasswd
chmod -v 660 data/mime.types
chmod -v 440 bin/LocalLib.cfg.txt
chmod -v 440 bin/.htaccess.txt
chmod -v 440 pub/_work_areas/.htaccess
chmod -v 440 pub/_work_areas/README 
chmod -v 440 AUTHORS COPYING COPYRIGHT index.html INSTALL.html LICENSE pub-htaccess.txt readme.txt robots.txt root-htaccess.txt subdir-htaccess.txt TWikiHistory.html twiki_httpd_conf.txt TWikiReleaseNotes04x00.html 
chmod -v 550 UpgradeTwiki

Additional resources:

Configuring Unix / Linux File and Directory Access Rights-Using chmod to Alter or Modify File and Directory Permissions - Good resource for those who are looking for solutions on configuring Unix and Linux.

UNIX Tutorial for Beginners - a comprehensive online resource for beginners and useful for those who are writing about it on term papers or custom research papers.

-- GuenterHof - 22 Aug 2006