Ubuntu – How to configure permissions to allow gedit, apache, and an IDE play together

apache-httpdpermissionsUbuntu

I'm using plain Ubuntu Desktop 11.04 and installed my lamp stack using lamp-server. I am trying to use Netbeans as my IDE.

Currently, all virtual hosts are being run from /var/www/vhostname — but as I have not configured any groups or permissions, if I try to open any of the files through Netbeans it does not have write permission.

How can I properly set up permissions (or configure Apache or Netbeans) so that:

  • Files created by a php script can be rw by Netbeans
  • Files created by Netbeans can be rw by Apache

I attempted to chown everything to my user/group which gave Netbeans write permission, but then Apache did not have write permission.

Note: This is purely for a development machine — not used in production, and I am the only user on this box.

UPDATE

I used to use the method in the answer I marked as accepted, but nowadays I do something much simpler:

  1. I set Apache to run as my user and my group (this is done either in httpd.conf, apache2.conf, or envvars depending on your distro)
  2. I chown /var/www to my user and group

Voila, Apache has read/write access, and I have read/write access while working on projects.

Best Answer

What I recommend doing has been mostly described in this Ask Ubuntu question.

For this particular case I would install suPHP which in short allows you to execute PHP scripts as your user under Apache.

By doing the following:

sudo chown -R youruser:youruser /var/www
find /var/www/ -type d -exec chmod 0755 {} \;
find /var/www/ -type f -exec chmod 0644 {} \;

Install suphp-common and libapache2-mod-suphp from this ppa (What are PPAs and how do I use them?)

Disable mod_php5 and enable mod_suphp

sudo a2enmod suphp
sudo a2dismod php5

Update your virtual hosts to include this line at the bottom of them:

suPHP_UserGroup youruser youruser

Replacing youruser with the user you use to edit files on the server. Restart Apache.

From this point forward Apache will execute all php scripts are your user, which means they can be owned by your user/group and there is no need to use crazy permissions like 777. Since everything is run as your user all files created by the php scripts will be owned by your user as well! There are many other cool things you can do with suPHP; however, from what it sounds like this is all you'll need to get started.

Related Question