The British Caving Association

Any views expressed are not necessarily those of the BCA
It is currently Sat 20 Apr 2019 17:10

All times are UTC [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: Wordpress permissions
PostPosted: Wed 31 Oct 2012 18:23 
Offline
Site Admin

Joined: Thu 29 Dec 2005 23:22
Posts: 298
Location: Axbridge, Somerset, UK
Chris wrote:
One question I have is about user access to the server (http://www.thecccc.org.uk). I installed wordpress so that people can update reports about trips. I wanted the wordpress application itself to be able to write to some folders, but not everyone on the internet. I'm not quite sure how to achieve that. Ie, not sure what users I have or what the permissions are. I had made one of the folders nested in the directory structure fully writable, but I doubt that's really a good idea...

_________________
Dave Cooke
BCA Webmaster, BCA Web Services, National Cave Registry Co-ordinator, CSCC Treasurer


Top
 Profile  
 
PostPosted: Wed 31 Oct 2012 18:36 
Offline
Site Admin

Joined: Thu 29 Dec 2005 23:22
Posts: 298
Location: Axbridge, Somerset, UK
Hi Chris,

I'm not really sure what you are trying to do but the following might help.

Using Linux directory permissions is the wrong way to go.

You will need anyone who needs more than public viewing access to login in. Research creating user logins and giving those users "roles".

On the Wessex site I found that Wordpress roles wasn't giving me enough control over permissions. I installed the "User Access Manager" plug-in by Alexander Schneider to get it how I wanted.

_________________
Dave Cooke
BCA Webmaster, BCA Web Services, National Cave Registry Co-ordinator, CSCC Treasurer


Top
 Profile  
 
PostPosted: Thu 08 Nov 2012 13:08 
Offline

Joined: Tue 21 Dec 2010 15:25
Posts: 5
Hi Cookie,

There's a couple different layers interacting here, perhaps I can describe better:

Take some wordpress Roles: Subscriber and Admin:
  • When Subscribe tries to upload an image, Wordpress PHP functions query the role and decide this is not allowed.
  • When Admin tries to upload an image, Wordpress PHP functions query the role and decide this is in fact allowed.
After wordpress decides that Admin can in fact upload an image, what I am running into is permission denied to write. This is from the wordpress scripts, not a wordpress rejection because of Role privileges. I was able to solve this by making the directory universally (user, group, all) writable, but I don't imagine that's really a good idea. I assume wordpress scripts run under some specific user name or group that I could give permission to, rather than having to use all?


Top
 Profile  
 
PostPosted: Thu 08 Nov 2012 14:19 
Offline
Site Admin

Joined: Thu 29 Dec 2005 23:22
Posts: 298
Location: Axbridge, Somerset, UK
Hi Chris,

your solution is the correct one.

The scripts run as the user 'nobody' (not my choice). Therefore the directory will need to be give write permission to 'all' since 'nobody' is neither you nor in your group.

You are right to be mildly concerned and in an ideal world the script should run as you (ie 'cccc'. However there is no need to worry too much. For comparison, if you were on a windows server you would have no choice since directories have to be read and writeable by all.

_________________
Dave Cooke
BCA Webmaster, BCA Web Services, National Cave Registry Co-ordinator, CSCC Treasurer


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group