This is an old revision of the document!
Set rights of files in public_html
<code bash> #!/bin/bash - #
# # FILE: fixphrights.sh # # Usage: ./fixphrights.sh # # Description: Set rights of user /home/*/public_html directors in a secure # and useful way # - all files/directories get chown user:www-data, so users own them # and the webserver has group access # - group www-data is added # g+r for files (webserver can read all files) # g+rsx for directories (webserver can read and change into all directories) # - o-rights (for all) are completely removed, so shell users can't read # files of other users (possibly containing passwords etc). # This can be run in a cronjob and will fix rights every five minutes, e.g.: # Crontab entry: # 5 */1 * * * root nice /home/brb/bin/fixphrights.sh # Options: none # Requirements: — # BUGS: — # Notes: — # Author: Bernhard Brunner (bn), bernhard.brunner@epr.ch # Company: epr.ch # Created: 2011/03/11 07:33 # Last modified: 2011/03/11 07:40 # Revision: — #
set -o nounset # Treat unset variables as an error
setrights () {
echo $1 cd /home/$1 mkdir -p public_html cd public_html find . -type d -print0 | xargs -0 chown $1:www-data find . -type d -print0 | xargs -0 chmod u+s,g+rsx,o-rwx find . -type f -print0 | xargs -0 chown $1:www-data find . -type f -print0 | xargs -0 chmod g+r,o-rwx chown $1:www-data . chmod u+x,g+rx,o-rwx .
# chmod u+x } # ———- end of function setrights ———-
cd /home for i in * ; do
echo $i if [[ "$i" != "lost+found" ]] ; then setrights $i fi
done </file>
Ref: http://ubuntuincident.wordpress.com/2010/11/21/setting-rights-for-public_html/
~~LINKBACK~~
Discussion