A basic presentation explaining Unix file and folder ownership and permissions, and how this relates to the Joomla! Content Management System - by Ruth Cheesley, Virya Technologies
Joomla! User Group Suffolk - Demystifying Ownership and Permissions in Unix and Joomla!
1. Getting to grips with ownership
and permissions
Ruth Cheesley – Virya Technologies
@RCheesley / @ViryaTech
Did you tell people you're at @JoomlaSuffolk
this evening? Did you check in at Basepoint?
3. Some things I want to
Share with everyone
(the world)
Emergency Phone Number
(share with all who know where to find it)
Some things I might
nly want to be available
to me (owner)
Some things I might
want to share with
I might want to share these groups
something with just this
group
5. World
(The world, the universe, and everything – not in the same group
as the owner)
Group
(A set of users in the same group as the owner)
Owner
(owns the file)
6. Can view the file
Chmod +r / -r
Numerical value = 4
Read (r)
Write (w) Can make changes or modify the file
Chmod +w / -w
Numerical value = 2
Execute (x)
Can run the file (generally applicable at command line)
Chmod +x / -x
Numerical value = 1
NOTE: Folders cannot be listed and files within
can't be accessed if the folder does not have
execute permissions
7. So what about 7's and 6's
● All permission combinations are derived by
adding these basic permissions
● 7 represents Read (4) + Write (2) + Execute
(1)
● 6 represents Read (4) + Write (2)
8. Basic file permissions
Number Permission
0 Deny all
1 Execute (x) only
2 Write (w) only
3 Write & Execute (2+1)
4 Read only
5 Read & Execute (4+1)
6 Read & Write (4+2)
7 Read + Write + Execute (4+2+1)
9. Important considerations
● Write permissions are required for moving a file
● You must be owner of a file/folder to change its
permissions
● You need read permission on a folder to show
the contents
● Generally permissions are tighter for 'world', less
so for 'group' and least for 'owner'
10. So what does 755 and 644 mean?
● In Joomla! Folders should be 755 and files 644
– configuration.php should be 444
● What does this mean?
● Let's work it out!
12. What is chmod all about?
● A command you can use to change the
permissions on files and folders
● Used in command line
● Example:
chmod [options] [permissions] [item]
chmod +R 644 MyFolder
13. Why does this cause problems?
● Generally down to poor setup by hosting
providers (or simply lack of awareness)
● Usually relates to how Joomla! was originally
installed
● Which user 'owns' the files and folders, and
therefore has or doesn't have permissions
14. File and
folder has
permissions
which restrict
who can:
If file/folder is not
● Read available with
● Write appropriate
● Execute Trying to access and/or move access, 403
files and/or folders, or list forbidden
folders will result in:
FTP username is If file/folder is
joebloggs available with
appropriate
Therefore access, access
OWNED by granted
joebloggs
joebloggs is in
the managers
group
15. Where it goes wrong
World
(The world, the universe, and everything – not in the same group
as the owner)
Group
(A set of users in the same group as the owner)
Owner
(owns the file)
16. How to fix this
● Chmod the files & folders to the correct
permissions, if permission is an issue (or use
Admin Tools!)
● Set up the server correctly -
www.virya.co.uk/joomlaserversetup
17. The geeky stuff
● If your server runs mod_php
– Document root: 750
– Directories: 755 (711 if you're paranoid – only if not listed)
– Files: 644
● If your server runs fast-cgi, suphp or cgi
– Document root: 750
– Directories: 755 (711 if you're paranoid – only if not listed)
– HTML & Image files: 644 (444 if you're paranoid)
– PHP files: 600 (400 if you're paranoid)
SOURCE: www.virya.co.uk/joomlaserversetup
18. A word of warning
● It's very useful to have a basic understanding of
ownership & permissions to help you
troubleshoot, but TAKE BACKUPS!
● You can completely break things by tinkering
with permissions if you don't know what you're
doing!
● If in doubt, speak to a geek!
19. Thank you!
Any questions?
Ruth Cheesley
@Rcheesley / @ViryaTech
Notas del editor
Data is everything in the digital age – with vital information no longer entrusted to lock and key but being stored on computers often thousands of miles away from where they were deposited. Controlling who can access this data – whether it be your bank account or your facebook photos – comes down to a simple matter of ownership, and permissions. People often get totally baffled by these core concepts so hopefully this should make a bit of sense and help you understand how it works. Once you 'get' this you're over a large hurdle when it comes to web design and hosting issues!