Page Index Toggle Pages: 1 Print
CHMOD (Read 1734 times)
Captain John
Ex Member


CHMOD
Sep 24th, 2007 at 7:07pm
Print Post  
CHMOD is VERY important to the running and operation of the YaBB Forum on a Linux or Unix Server in the Perl environment.
   Though many of the script files and text files will work with a couple permissions of Read/Write/Execute ... We suggest that you set the CHMOD for ALL folders, image, pl, pm and js files to 755.   ALL the other files should be set at 666, especially files under the Members and Messages folders.

Typical chmod Dialog
With everything uploaded and placed on the server where you wish, we need to give special permissions to some files and directories. This process, known as chmod, lets the server know what items need to be written to or executed. This is very important, as incorrect chmod settings can result in a 500 Internal Server Error.

Note: It has been reported that some antiquated or cheap hosting companies may not give you the ability to chmod files. If your host limits this, you will need to contact them to make the following changes.

cgi-bin Files

The following files in your cgi-bin directory need to have their permissions altered. Please note that this list does not include files for which no change is needed.
cgi-bin/yabb2   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/AdminIndex.pl   -rwxr-xr-x (chmod 755)
cgi-bin/yabb2/Setup.pl   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/YaBB.pl   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Paths.pl   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Admin   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Boards   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Boards/*.*   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Help   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Help/English   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Help/English/Admin   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Help/English/Admin/*.help   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Help/English/Gmod   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Help/English/Gmod/*.help   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Help/English/Moderator   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Help/English/Moderator/*.help   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Help/English/User   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Help/English/User/*.help   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Languages   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Languages/English   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Languages/English/*.txt  -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Languages/English/*.lng  -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Members/admin.*   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.ims   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.log   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.passes   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.msg   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.rlog   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.ttl   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.txt   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Members/*.vars   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Messages   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Messages/*.ctb   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Messages/*.txt   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Modules   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Digest/Perl   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Digest/Perl/MD5.pm   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Time   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Time/HiRes.pm   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Upload   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Upload/CGI.pm   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Upload/CGI   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Modules/Upload/CGI/Util.pm   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Sources   drwxr-xr-x (chmod 755)
cgi-bin/yabb2/Sources/*.pl   -rwxr-xr-x (chmod 755)
cgi-bin/yabb2/Templates   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Templates/default   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Templates/default/*.*   -rw-rw-rw- (chmod 666)
cgi-bin/yabb2/Variables   drwxrwxrwx (chmod 755)
cgi-bin/yabb2/Variables/*.*   -rw-rw-rw- (chmod 666)

Templates must be o+x so that YaBB can read the files inside. Variables must be o+wx because this is where variables are to be created.

public_html Files

The following files in your public_html directory need to have their permissions altered. Please note that this list does not include files for which no change is needed.
yabbfiles/Attachments   drwxrwxrwx (chmod 755)
yabbfiles/Buttons/English   drwxrwxrwx (chmod 755)
yabbfiles/Buttons/English/*.*   drwxrwxrwx (chmod 755)
yabbfiles/smilies   drwxrwxrwx (chmod 755)
yabbfiles/smilies/*.*   drwxrwxrwx (chmod 755)
yabbfiles/Templates/Admin/default.css   -rw-rw-rw- (chmod 666)
yabbfiles/Templates/Forum   drwxrwxrwx (chmod 755)
yabbfiles/Templates/Forum/default.css   -rw-rw-rw- (chmod 666)
« Last Edit: Sep 24th, 2007 at 10:33pm by »  
Back to top
 
IP Logged
 
Captain John
Ex Member


Re: CHMOD
Reply #1 - Jan 8th, 2009 at 3:22am
Print Post  

i have written a shell-script, which sets all permissions correctly. setup is then working without problems:

-------------------------->%----------------------------

#!/bin/sh

# personal settings
FILESDIR="/path/to/yabbfiles"
CGIDIR="/path/to/cgi-bin/yabb2"

# apache2 runs as user www-data and www-data is in group wwww
chgrp -R www $FILESDIR
chgrp -R www $CGIDIR

# as told in the manual
chmod 660 $FILESDIR/Templates/Admin/default.css
chmod 660 $FILESDIR/Templates/Forum/default.css
chmod 660 $FILESDIR/Templates/Forum/yabb21.css
chmod 660 $CGIDIR/Boards/*
chmod 660 $CGIDIR/Help/English/Admin/*
chmod 660 $CGIDIR/Help/English/Gmod/*
chmod 660 $CGIDIR/Help/English/Moderator/*
chmod 660 $CGIDIR/Help/English/User/*
chmod 660 $CGIDIR/Languages/English/*
chmod 660 $CGIDIR/Members/*
chmod 660 $CGIDIR/Messages/*
chmod 660 $CGIDIR/Templates/default/*
chmod 660 $CGIDIR/Templates/yabb21/*
chmod 660 $CGIDIR/Variables/*

# cook.txt must be written to this directory
chmod 770 $CGIDIR/Variables

# perhaps later new files must be written to these directories
# so better make them writable (Messages, Members and Templates look very
# much like that)
chmod 770 $CGIDIR/Boards
chmod 770 $CGIDIR/Help/English/Admin
chmod 770 $CGIDIR/Help/English/Gmod
chmod 770 $CGIDIR/Help/English/Moderator
chmod 770 $CGIDIR/Help/English/User
chmod 770 $CGIDIR/Languages/English
chmod 770 $CGIDIR/Members
chmod 770 $CGIDIR/Messages
chmod 770 $CGIDIR/Templates/default
chmod 770 $CGIDIR/Templates/yabb21

# normal files in $FILESDIR are no scripts so they don't have to be
# executable
find $FILESDIR -type f -perm 750 -exec chmod 640 {} \;

# normal files in $CGIDIR which are no pl-files don't have to be
# executable
find $CGIDIR -type f -perm 750 -exec chmod 640 {} \;
find $CGIDIR -type f -iname '*.pl' -exec chmod 750 {} \;

# Paths.pl has to be writable (it's no perl script but the paths
# configuration)
chmod 660 $CGIDIR/Paths.pl


contributed by sarky
  
Back to top
 
IP Logged
 
Captain John
Ex Member


Re: CHMOD
Reply #2 - Dec 17th, 2009 at 5:17am
Print Post  
Sept 4, 2007 - This is general information on CHMOD, and is not specific to YABB - Source Coppermine's Documentaton

2.1.1.1 Apache on Unix/Linux (CHMOD)

    * Basics
      There are different flavors of Unix/Linux - all of them share a similar, somewhat common approach. In referring to this architecture, the word "Lunix" is used for both Unix and Linux derivates. "Read" permissions apply to files that are not actively run, but only being served, e.g text or plain html files. "Write" permissions are needed to dynamically create files, modify or delete them. "Execute" permissions are needed to run executable files, for example, script files like PHP. To serve web pages that are php-powered properly, the most basic permissions that are needed, therefore, are "read" and "execute" (abbreviated as r-x).
      Possible permissions settings are:
          o r-- ... read only
          o r-x ... read and execute
          o rwx ... read, write and execute
      Needless to say, other combinations are technically possible (such as -wx, --x or -w-), but they make little sense in webserver setups and will be ignored in this tutorial.
    * Groups in Lunix
      Lunix uses a set of three-group permissions, each of which can be applied independently. These are: owner, group and world. Using this set, you can dictate if a user who owns a file has permission to modify or delete it (write permission) while other users will only be able to read/view and possibly execute the file. On your server, these permission settings for the three possible groups are written in as a single line entry (in the order "owner", "group", "world").
      Examples :
          o rwxrwxrwx ... read, write and execute (rwx) permissions for all three groups
          o rwxr-xr-x ... rwx permissions for the owner, r-x permissions for all others
          o r-xr-xr-x ... read and execute permissions for all groups, only
    * Webserver daemon
      Even though you (the user who owns the files on your server and who has control over the permissions) may be able to access a file (e.g. using your FTP app), the coppermine script may not be able to do so. This is often caused by a particular setup option for servers: services (in Lunix often called "daemons") may run in the context of a specific user that is different from the user who is allowed to access the files. On many such servers, the webserver (apache) service runs as user "nobody". This way, the server can be protected against hacker attacks. Therefore, setting permissions on a server for the "owner" only does not work on these particular setups, you must set permissions for both "group" and "world" (at least for the group the webserver daemon is in).
    * Binary arithmetics
      As you can see, permissions can be either "on" or "off" - this is the equivalent to the two different states that a bit of data can have in binary arithmetics (and therefore, also in the whole world of computing). As we have three types of different permissions (read, write, execute), we will need three bits to assign a set of permissions. The highest bit is the "read" bit - decimal "4" is used to represent it. The middle bit "write" is assigned to decimal "2", the lowest bit "execute" is represented by decimal "1". This may be a bit hard to understand or follow at first, especially if you haven't dealt with binary arithmetics before. If you would like to learn more, google for it.
# What good is all of this?
Instead of having to remember and write rwxrwxrwx for each file or folder in your setup, you can now write 777 in its place. The same applies for rwxr-xr-x, you can write 755, instead.
# FTP application
Setting the permissions using your FTP application will be the option available for most users who are webhosted. Depending on the FTP app you use, the user interface will slightly differ: some apps will allow you to enter the CHMOD command by entering the numbers (777 or 755), others will provide you with checkboxes where you can tick the permissions separately for each group. More advanced FTP apps may even provide you with both mechanisms. As this documentation can't cover all individual FTP apps that are available, the exact method might differ a bit from what you have.
Your FTP app will probably have two windows, one showing your local files, the other one showing the files on your server. In the window that shows the remote files on the server, navigate to the folder your coppermine files reside in. Highlight the "albums" folder that resides within the coppermine folder. From the context menu (right-click!), choose "properties" (might be named "chmod" or similar as well). The permissions dialog will then pop up. Choose the proper permissions as suggested above (777 or 755, depending on your server setup). If you have a checkbox that enables the permissions to propagate for all sub-folders and files, tick it. If you don't have it, nevermind. Then click "OK" on the dialog box to apply the permissions. Keep in mind that your FTP app might not have the power to actually find out about the current permissions that are applied, so you mustn't trust the information displayed in the dialog box: even if it appears that the permissions are already set as needed, this may not be the case, so you should re-apply the permissions no matter what.
After having applied the permissions for the albums folder, do the same thing for the include folder that resides within your coppermine folder.
# Website control panel
Some webhosts may not give you the option to access your site using FTP, or they may not allow your FTP client to execute the CHMOD command. If this is the case, you probably have a server setup interface (e.g. cpanel) to apply permission to folders and files. In fact, this doesn't matter, the method for applying permissions doesn't differ from the one described above in the section "FTP application": navigate to the albums folder and apply the permissions needed to give your webserver write access to all files and folders within the albums folder. Do the same thing for the include folder as well.
# Shell access
If you have shell access to your server, you can apply the native CHMOD command on your files and folders. Go to your coppermine folder using your shell access, then apply the permissions to the albums and include folder and everything within it. As explained above, the user the apache daemon runs under needs write access, so you should CHMOD to 777 or 755, depending on your server setup.
« Last Edit: Aug 2nd, 2012 at 5:27pm by »  
Back to top
 
IP Logged
 
Page Index Toggle Pages: 1
Print
 
  « Board Index ‹ Board  ^Top