Re: how to activate php in apache

To: debian-user@lists.debian.org
Subject: Re: how to activate php in apache
From: Bob Proulx <bob@proulx.com>
Date: Wed, 4 Dec 2013 00:14:01 -0700
Message-id: <[🔎] 20131204071401.GA29245@hysteria.proulx.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 529E89C3.4010709@attglobal.net>
References: <[🔎] 529D0D10.2040007@mi.parisdescartes.fr> <[🔎] 20131202231443.GA26347@hysteria.proulx.com> <[🔎] 529D3574.1010009@attglobal.net> <[🔎] 20131203080358.GA29923@hysteria.proulx.com> <[🔎] 529DE706.8020905@attglobal.net> <[🔎] 20131204005957.GB29302@hysteria.proulx.com> <[🔎] 529E89C3.4010709@attglobal.net>

Jerry Stuckle wrote:
> Bob Proulx wrote:
> > Jerry Stuckle wrote:
> > > Ownership of the directory is root:root, but the scripts should
> > > *never* be owned by root:root.
> >
> > Uhmm...  No.  There is no problem whatsoever with php files being
> > owned by root:root.  Why do you think it is a problem?
> 
> For them to be owned by root:root, they either needed to be created
> by root or chown'd by root.  Neither of which is recommended for
> user files.

Okay.  I see what you are thinking you are saying.  You don't want to
encourage users to use root if it isn't needed.  That is laudable.  I
agree with it.  Up to the point that a person needs to be root for a
system administration task.  Then they need root and that is okay too.

So what about this case then?

  # apt-get install phpmyadmin
  $ ls -ld /usr/share/phpmyadmin/main.php
  -rw-r--r-- 1 root root 15962 Aug 12  2012 /usr/share/phpmyadmin/main.php

The php scripts are owned by root:root.  Nothing wrong with it.  This
is all as expected.

I see that you added the qualifier "user files".  Okay.  But before
this point we weren't talking about user files.  Up until then we were
just talking about php files generically.  Not fair changing the
playing field part way through the game.

But back to the part about php owner:group...  Personally I usually
make a "/var/www/rwp" subdirectory and chown it to rwp:rwp for my use
and I play and develop there.  Or its my laptop and so I take over
/var/www directly for my own play.  On a production machine I usually
set DocumentRoot to /srv/www or /srv/www/www.example.com in a virtual
host environment, or other scheme, to keep things organized.  I often
set them to their own lvm partition to keep them contained.  And there
I would set it up for an appropriate (not-me) pseudo-user that would
be shared with other members of the release team.  Every project has
its own pseudo-user to hold that project's production files.  Among
other things this keeps cross-talk between the projects separated.

Bob

"Never say never."

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: how to activate php in apache
  - From: Jerry Stuckle <jstuckle@attglobal.net>

References:
- how to activate php in apache
  - From: François Patte <francois.patte@mi.parisdescartes.fr>
- Re: how to activate php in apache
  - From: Bob Proulx <bob@proulx.com>
- Re: how to activate php in apache
  - From: Jerry Stuckle <jstuckle@attglobal.net>
- Re: how to activate php in apache
  - From: Bob Proulx <bob@proulx.com>
- Re: how to activate php in apache
  - From: Jerry Stuckle <jstuckle@attglobal.net>
- Re: how to activate php in apache
  - From: Bob Proulx <bob@proulx.com>
- Re: how to activate php in apache
  - From: Jerry Stuckle <jstuckle@attglobal.net>

Prev by Date: Re: plese stop Re: A rookie's query: Want to about Debian and the related
Next by Date: Re: Squeeze dpkg --get-selections usable in any way in Wheezy?
Previous by thread: Re: how to activate php in apache
Next by thread: Re: how to activate php in apache
Index(es):
- Date
- Thread