I have a webpage where users can upload a file. After the upload, the webpage calls a shell script to move the uploaded file to another location. I'm certain the "mv" command is failing because of a permissions issue, but I'm uncertain how to overcome this.
First things first. My webpage runs on an Ubuntu 16.04 server and Apache2 2.4.41. When the user uploads a file, that file is saved on the server in directory /var/www/html/uploads
:
me@myServer:/var/www/html/uploads$ ls -l
total 44
-rw-r--r-- 1 www-data www-data 761 Feb 21 15:38 UsersUploadedFile.txt
me@myServer:/var/www/html/uploads$
I notice that the file is owned by user www-data
.
Once the file is uploaded, the webpage calls this shell script to move the file to another directory:
#!/bin/bash
echo "Attempting to move the uploaded file..."
{
mv /var/www/html/uploads/UsersUploadedFile.txt /home/me/UsersUploadedFile.txt
} || {
echo "Gah, failed to move the file!"
}
When the file is uploaded, you see this on my webpage:
Attempting to move the uploaded file...
Gah, failed to move the file!
So the "mv" command is failing.
My first instinct was that this was a permissions issue. The file-to-be-moved is owned by user www-data
, as I mentioned before. The shell script is too:
me@myServer:/var/www/html$ ls -l
total 36
-rwxr-xr-x 1 www-data www-data 593 Feb 21 15:53 moveTheFile.sh
me@myServer:/var/www/html$
But the directory where I want to file to be moved is owned by user me
, and I can't change that for other scripting reasons.
What I guess I'd like to do is to is have the shell script change UsersUploadedFile.txt
's ownership to user me
, and then move the file. But if I insert a chown
command into the shell script, that command fails, too.
It looks like user www-data is running the apache2 service, therefore also running the shell script...? I'm not sure.
me@myServer:/var/www/html$ ps -ef | grep apache
root 14931 1 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 14934 14931 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 14935 14931 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 14936 14931 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 14937 14931 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 14938 14931 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
www-data 14942 14931 0 13:00 ? 00:00:00 /usr/sbin/apache2 -k start
ph9821 15165 14831 0 16:03 pts/2 00:00:00 grep --color=auto apache
me@myServer:/var/www/html$
So what might I be doing wrong here? And how can I get the shell script to change file permissions? I guess that's what I really need done here. Thank you.
CodePudding user response:
This is a permission issue. User www-data cannot write a file in your home directory.
Assuming your home directory is owned by user "me" and group "me", you will have to set permissions on your home directory so your group can write into it (it should already). Then add user www-data in that group.
Important note
If you put permission 777 on your home directory, then every user on the system can write into that directory! You should put 775 or 770. Only you and your group should be able to write (and maybe read also, depending on your requirement). Not important if this is your own machine, critical if this is a machine with many users.
Remember permissions are: user group others. 777 is rwx for all 3. It can be dangerous.