Opened 6 months ago

Closed 6 months ago

#13782 closed Bug/Something is broken (fixed)

WordPress Permissions to Write to Directory

Reported by: https://id.mayfirst.org/bmcneilly Owned by: https://id.mayfirst.org/jamie
Priority: Medium Component: Tech
Keywords: Cc:
Sensitive: no

Description

Hi there,

We're running into some issues on the NPML WordPress installation. There are a few other tickets (13060, 12378, etc) dealing with similar issues. When uploading media, WordPress supplies the error "Unable to create directory uploads/2018/06. Is its parent directory writable by the server?". It seems WordPress does not have permissions to write files to the /wp/ directory we have set up to hold WordPress.

Doing some tests, I changed the folder write permissions to 775, so that the niebyl group should be able to edit this, but am still seeing this error.

Another symptom of the same problem is supplying FTP credentials to update WordPress. When I attempt to supply my own (which Filezilla shows as owning the /wp/ directory), the update still fails.

Any ideas as to why this is happening? My initial guess was that the niebyl account wasn't owning the files, but the niebyl group should be able to write changes now.

Change History (3)

comment:1 Changed 6 months ago by https://id.mayfirst.org/jamie

  • Owner set to https://id.mayfirst.org/jamie
  • Status changed from new to assigned

Hi - our web servers are designed to work with just one user - which should own all the files in the web directory and also is the user that PHP runs as.

For your site, that user is: niebyl

The problem is that your files are owned by the user bmcneilly.

As you discovered, you can in theory make sure all the files and directories are group-writable. Since both niebyl and bmcneilly as in the same group, that should work.

The problem with that approach is that the default file and directory creation mode is for directories to not be group-writable. In your particular case, the parent directory in question is not group-writable:

0 niebyl@ella:~/marxistlibr.org/web$ ls -l wp/wp-content/uploads/2018/
total 24
drwxrwxr-x 2 bmcneilly niebyl 4096 Apr  7 17:42 01
drwxrwxr-x 2 bmcneilly niebyl 4096 Apr  7 17:42 02
drwxrwxr-x 2 bmcneilly niebyl 4096 Apr  7 17:42 03
drwxrwxr-x 2 bmcneilly niebyl 4096 Apr  7 17:42 04
drwxr-xr-x 2 bmcneilly niebyl 4096 Jun 10 16:14 05
drwxr-xr-x 2 bmcneilly niebyl 4096 Jun 10 16:18 06
0 niebyl@ella:~/marxistlibr.org/web$

So if you continue with this approach, you will forevever be changing directories and files to be group writable every time WordPress creates them, which is tedious.

I would suggest taking one of two approaches:

  1. Keep it simple. I can update the permissions on your entire web directory to make everything owned by niebyl again - then you can continue working on the site, but only sftp as the niebyl user.
  1. Keep it secure. I can keep everything except the wp-content/uploads directory owned by bmcneilly user and make the entire uploads directory owned by niebyl. The uploads directory is the only one wordpress must have write access to. This keeps things more secure, but has a downside: wordpress won't be able to upgrade itself via the web. You'll have to do all upgrades via ssh as the bmcneilly user using wp.

Let us know if you want our help implementing one of these approaches.

comment:2 Changed 6 months ago by https://id.mayfirst.org/bmcneilly

Hi Jamie,

Thanks for the comprehensive write up here, I thought it was likely that the issue was that niebyl didn't own the wp directory. I think for simplicity's sake, having everything owned by niebyl will just be easiest.

comment:3 Changed 6 months ago by https://id.mayfirst.org/jamie

  • Resolution set to fixed
  • Status changed from assigned to closed

Sounds good. I just fixed up the ownership and permission of all your files. Should be working now.

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.