when uploading files in the admin backend of SilverStripe, I always get permission denied.
The apache2 is running under www-data:www-data (checked with "whoami" and in the envvars).
The permissions for the assets folder are the following:
drwxrwxr-x+ 5 git www-data 4.0K Oct 2 08:18 .
drwxrwsr-x+ 17 git users 4.0K Oct 2 09:53 ..
-rwxrwxr-x+ 1 git www-data 1.5K Oct 2 08:18 .htaccess
drwxrwsr-x+ 2 git www-data 4.0K Oct 2 07:28 Uploads
drwxrwsr-x+ 2 git www-data 4.0K Oct 2 08:18 _combinedfiles
drwxrwsr-x+ 2 git www-data 4.0K Oct 2 07:57 books
-rwxrwxr-x+ 1 git www-data 4.5K Oct 1 14:48 error-404.html
-rwxrwxr-x+ 1 git www-data 4.3K Oct 1 14:48 error-500.html
-rwxrwxr-x+ 1 git www-data 4.4K Oct 2 08:18 web.config
Even if I set them to 777, I still get permission denied. It works locally and I can't get my head around why it doesnt work.
Apache ErrorLog:
[Fri Oct 02 10:24:18.364138 2015] [:error] [pid 16008] [client 62.218.34.90:44300] PHP Warning: copy(/var/www/X/assets/books/Mike.png): failed to open stream: Permission denied in /var/www/X/framework/filesystem/Upload.php on line 195, referer: http://x.amazonaws.com/index.php/admin/assets/add/?ID=7
[Fri Oct 02 10:24:18.364615 2015] [:error] [pid 16008] [client 62.218.34.90:44300] PHP Warning: Requirements_Backend::process_combined_files(): Couldn't create '/var/www/X/assets/_combinedfiles//lib.js' in /var/www/X/framework/view/Requirements.php on line 1214, referer: http://x.amazonaws.com/index.php/admin/assets/add/?ID=7
Is this an AWS specific problem? Any clues?
The problem were ACLs.
Using getfacl ./assets/
I could determine, that the ACLs were set to undermine the normal permission model.
With setfacl
I was able to advance the ACLs to include the webuser (www-data) into the assets
directory with rwx
.
Hope this helps someone, Best regards. G