Ubuntu
apache2 package

Permission between Ubuntu and W2k / XP with smb mount

Asked by Don Barnett on 2009-02-09

I have setup a private intranet server with Ubuntu server ver 8.04 running appache. I need to be able to write to the clients local disk (NTSF on W2k) so I created a folder in the data area of the appache user (fhuser) for the domain owned by the user on the server. I then mounted the directory on the client to the directory created on the server with smb

Here is the mount instruction:
smbmount //192.168.2.99/clientdata /var/www/farmhome/htsdata/client -- verbose -o username=Guest

I have set Guest privilages to full read and right for all files and sub-directories on the W2k system

The mount works great, from root and fhuser (the apache user) I can read and write to the directory perfectly in command mode. The problem comes when I want to write as a web user. Even though I can read the directory I can not write to it. I get permission denied.

Any Ideas?

Thanks
Don Barnett

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu apache2 Edit question
Assignee:
No assignee Edit question
Last query:
2009-02-16
Last reply:
2009-02-16
Huygens (huygens-25) said : #1

One question:
if you perform the following command, can you tell us which user "owns" the Apache process
ps waux | grep apache | grep -v grep | awk '{ print $1 }' | sort -u

This commands will return the username. If it isn't fhuser, than you probably have your answer.

Don Barnett (donb-farm-home) said : #2

Thanks

the answer is :
root
www-data

If that is the case how do I get apache to run as as fhuser. I have always assumed that it ran as the owner of the script

Huygens (huygens-25) said : #3

Your apache configuration is running as www-data, which is the default for Ubuntu.

To change it, you need to edit with administrative privilege the following file: /etc/apache2/envvars
If you are familiar with 'vi', then the command is:
sudo vi /etc/apache2/envvars
Or if you prefer or more simple text editor like nano, the command is:
sudo nano /etc/apache2/envvars

In the file, you have to update the lines starting with:
export APACHE_RUN_USER=
export APACHE_RUN_GROUP=

To something like:
export APACHE_RUN_USER=fhuser
export APACHE_RUN_GROUP=fhuser

Or for the group, you could leave it to www-data, but then it would be recommended to add the user fhuser to the group www-data:
sudo adduser fhuser www-data

Now, you can restart Apache:
sudo /etc/init.d/apache2 restart

If you have further question about Apache, how to configure it or how to secure it, feel free to ask them here, or check the documentation:
https://help.ubuntu.com/8.10/serverguide/C/httpd.html
https://help.ubuntu.com/8.10/serverguide/C/index.html
https://help.ubuntu.com/community/ApacheMySQLPHP

I hope this helped you.

Can you help with this problem?

Provide an answer of your own, or ask Don Barnett for more information if necessary.

To post a message you must log in.