Actions

Talk

Installing Joomla on Debian Linux

From Joomla! Documentation

Revision as of 22:11, 4 August 2011 by Redthor (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Contents

restrictive permissions

N.B. chown is not needed with xampp

If you want a more restrictive approach, do this instead:

 # chown -R root:root /var/www/joomla
 # cd /var/www/joomla
 # PLACES='
 # administrator/backups
 # administrator/components
 # administrator/modules
 # administrator/templates
 # cache
 # components
 # images
 # images/banners
 # images/stories
 # language
 # mambots
 # mambots/content
 # mambots/editors
 # mambots/editors-xtd
 # mambots/search
 # media
 # modules
 # templates
 # '
 # for i in $PLACES; do chown -R www-data:www-data $i; done


Content

Well, chown -R is recursive .. thus images covers images/banners and images/stories. Same goes for mambots. Thus the subdirectories will have their ownership changed anyway.

Form

The chown program does handle more than one command line argument, and has done so since the dawn of time (i.e. the 70s).

Therfore you may write

chown -R www-data:www-data administrator/backups administrator/components administrator/modules administrator/templates cache components images language mambots media modules templates


Or if you want neat 80 columns

chown -R www-data:www-data administrator/backups administrator/components \
administrator/modules administrator/templates cache components images \
language mambots media modules templates


BTW: Leaving out the # marks makes it way easier to cut'n paste the commands into your favorite terminal window.

Update for Joomla 1.5.21

1. There is a tmp and a administrator/cache directory that need to be chown'ed as well. The first is needed if you enable compression. (Or so it looks from the Site setup pages) The later is needed by the "Joomla! Security Newsfeed" that is shown (or rather hidden) on the Backends start page.

2. The mambots directory is called plugins now. How can something basic as this this be changed in a point release??? Argl. Stuff like this should be changed in a major release or at least a minor, but a point release?

mpm-itk restrictive settings

I have mpm-itk set up so that Joomla runs under a linux account.

I'm trying to work out what would be the most secure folder/dir permissions.

Therefore I've made the perms restrictive this way:

# No access to group or other because its not needed under itk
chmod -R go-rwx *
chmod go-rwx .htaccess
# Directories that need write perms is discussed on this talk page and
# i'm running 1.5.23, so 'mambots' is 'plugins'
# first restrict everything
find . -mindepth 1 -type d -exec chmod u-w {} \;
# Then apply permission to write
# It's not clear whether -R is required but http://docs.joomla.org/Installing_Joomla_on_Debian_Linux#Set_ownerships_and_permissions does do -R
chmod -R u+w administrator/backups/ administrator/backups/ \
administrator/components/ \
administrator/language/ \
administrator/language/en-GB/ \
administrator/modules/ \
administrator/templates/ \
components/ \
images/ \
language/ \
media/ \
modules/ \
plugins/ \
templates/ \
cache/ \
administrator/cache/ \
logs/ \
tmp
# What files need write access? I'm not sure, but I'll find out!
find . -type f -exec chmod u-w {} \;
# Well, config I suppose:
chmod u+w configuration.php


Then check in administrator site the directory permissions section /administrator/index.php?option=com_admin&task=sysinfo

Use at own risk. YMMV.