What does SMF want so it doesn't need FTP to chmod/chown files/folders?

[Deprecated]

I have NEVER needed to put in my FTP settings to install/uninstall mod packages. There has always been a way to get the chmod/chown settings right so the Package Manager doesn't need your FTP.

It's my dedicated server (Debian 8, nginx) and I can reconfigure anything I want. I don't want to run FTP (SCP is better and more secure). And really, over maybe 100 SMF installations I've never needed FTP to mess with the permissions.

What is the secret to installing SMF and/or configuring your server so that the Package Manager works right without FTP?

I finally dropped the equivalent of a SSH nuclear bomb and it still said it needed permissions:

find * -type d -exec chmod 777 {} +
find * -type f -exec chmod 777 {} +
chown -R www-data:www-data *

By the way I did determine my web accesses run under www-data. <?php echo exec('whoami'); ?>

Thanks!

[Deprecated]

It was easy once I slept overnight on the problem. I have a strange ability to solve problems in my subconscious while asleep. Very strange...

I woke up and I just knew, there are only two things: chown and chmod. Can't be anything else. It's either one or the other or both. But yesterday I nuked all the permissions to 777, proving it wasn't chmod.

Today I did a fresh install using my favorite way to get SMF's files over to the server. I sent the zip over and then used unzip.php: <?php system('unzip smf.........zip'); ?> executed over an Internet access. Nothing. I chowned the unzip.php to www-data:www-data. Nothing. Didn't execute. Didn't unzip.

Then that last neuron fired and I chowned the directory I was installing SMF in to www-data:www-data. Executed unzip.php from my browser and it unzipped perfectly!

I copied my Settings.php and Settings_bak.php over, then chmodded the important files (see below) and the site came up perfect. I installed a few mods and no need for any FTP assistance.

FTP? We don' need no steenkin' FTP!

So I answered my question and solved the problem of getting rid of any need for FTP assistance to change permissions on files when using the Package Manager. It all resolved down to who owns the files. In this case with my server setup they belong to the group www-data.

This little program will tell you who you are (group wise) when you are accessing your site: <?php echo shell_exec('whoami'); ?>

You'll need to chmod some important files to 755 or 777 as follows. I did it via SSH.

Code Select Expand

chmod 777 attachments
chmod 777 avatars
chmod 777 cache
chmod 777 Packages
chmod 777 Packages/installed.list
chmod 777 Smileys
chmod 777 Themes
chmod 777 agreement.txt
chmod 777 Settings.php
chmod 777 Settings_bak.php

[Deprecated]

Just an afterthought. Your PHP must not be operating in safe mode or it won't let you execute system commands from php scripts accessed online. Safe mode is determined by your php.ini setting and depending on whether you own your server or on a hosting service a local php.ini file may be able to override safe mode if it's on.

These two files will help you. Name them whatever you want and upload them to your root directory, execute from your browser:

safemode.php: <?php echo 'Safe mode is ' . (ini_get('safe_mode') ? 'on.' : 'off.'); ?>

phpinfo.php: <?php phpinfo(); ?>

[LiroyvH]

Incidentally, SMF can show you which files/folders have wrong permissions; so it pretty much already answers itself *why* it wants it.
And of course ownership is very important, it's one of the main principles of storage on linux based system.
It's mostly a problem on self-maintained servers. People who are on shared hosting for example, will *usually* not encounter issues with that. Some exceptions can occur. On a self-managed server (or local install), especially when doing things through shell and/or sftp do you need to take good care of ownership.

[Deprecated]

Oh so true! I moved my production website from a shared host to a dedicated server and that's what started my lesson on chownership!

Actually the Package Installer was totally wrong about which files had the wrong permissions. Oh it showed the files, but unless you consider ownership part of permissions then all it was telling me was the files I was having problems with.

Even if I did enable FTP I suspect the mod would still refuse to install unless the Package Installer can change ownership too (I doubt it). It was trying to do what's right, trying to tell me what was wrong, it just wasn't useful information.

Funny thing, I had everything 777 and www-data:www-data and it still wouldn't work. It was only when I got a flash of inspiration and changed SMF's root directory to www-data:www-data that everything started working perfectly, and I haven't had a problem since!

I've been maintaining servers for about 3 years now: CentOS, Debian, Apache, nginx, Apache/nginx proxied... This is the first time I've run into this though.

But you're right, I never had the slightest problem with my shared host. Although I moved my forum to a dedicated server for performance improvements, I've become increasingly dissatisfied with my hosting service (and their rip-off domain renewal registry fees) and it's likely I will be moving off shared hosting entirely very soon.

[LiroyvH]

3 years and never ran in to ownership issues...?
Then either you've been extraordinary lucky, or used dirty patches to fix what was actually an ownership problem.

And yes, the (parent) directory ownership *and* permissions can lead to funky situations.

[nend]

I ran into ownership issues last month on a local machine.

Logged in as root via terminal, assigned myself to the group and still couldn't get access. Verified I was part of the group, checked permissions, couldn't figure it out. I was having one of those what is going on moments where everything looks correct but yeah.

In the end I just logged out of the machine, then logged back in and access was mine.

I am thinking I had access via the terminal but not via the UI, if it makes any sense.

[Deprecated]

3 years and never ran in to ownership issues...?
Then either you've been extraordinary lucky, or used dirty patches to fix what was actually an ownership problem.

And yes, the (parent) directory ownership *and* permissions can lead to funky situations.

More like 8 years (see my profile) and never had issues. Only 3 years since I've been running SMF on dedicated servers (vs. shared hosting) and this is the first time I've run into a problem.

And yes, as you said, I already discovered that, and discovered how to fix it, and hope this topic may help somebody else with similar problems.

[Deprecated]

I ran into ownership issues last month on a local machine.

Logged in as root via terminal, assigned myself to the group and still couldn't get access. Verified I was part of the group, checked permissions, couldn't figure it out. I was having one of those what is going on moments where everything looks correct but yeah.

In the end I just logged out of the machine, then logged back in and access was mine.

I am thinking I had access via the terminal but not via the UI, if it makes any sense.

How you are logged in makes ALL the difference. See the "whoami" script snippet I posted above. It makes all the difference in the world if you are accessing from SSH as root, FTP as maybe "ftpuser," from the desktop as "MyName" or over HTTP as "www-data" or somesuch.

It's subtle but it's Linux and there is nothing subtle about Linux. It's either all right or all wrong. No middle ground.

I hope some of my discussion here may give others more insight into how to solve problems like this.

One thing for sure. I am never going to accept that you have to enter your FTP program login data to install mod packages. That may be a nice workaround, kind of like hiding in the corner in a cage with a gorilla sharing it, instead of opening the door and one of you exiting.