laziness, impatience, and hubris | |
PerlMonks |
File Upload Permission Problemsby Tallek (Initiate) |
on Sep 12, 2006 at 19:50 UTC ( [id://572609]=perlquestion: print w/replies, xml ) | Need Help?? |
Tallek has asked for the wisdom of the Perl Monks concerning the following question:
Ok, I'm a little confused right now and I can't seem to figure this out so any help would be appreciated.
what I'm working with: I'm working with 2 environments, a test environment and a production evironment. The 2 enviroments are on different servers that are supposedly set up identically. Unfortunately, I don't have root access or permission/authority to do much with these servers. what I need to do: I've been tasked with updating a website that broke after a server move. The website used perl to implement a file upload utility. The file upload was failing. what I've done thus far: It was obvious the file upload problem was a permissions problem due to the server move. By granting full permissions on the upload directory, I could get the file uploads working for both environments. This was not satisfactory however because I don't want to open up the whole directory for write access (I don't really have a choice in this matter as it wasn't my decision). I figured that I could add the user executing the cgi scripts (lets call it 'cgiUser') to the group of the user/group owning the directories (lets call it 'user1' and 'userGroup1'). This way, I can grant write permissions for group to the upload directory but not for everyone. Eventually, I was able to get the system admins to add 'cgiUser' to 'userGroup1'. the current problem: After adding 'cgiUser' to 'userGroup1' I can set group permission to have write access to the upload directory and no write access for everyone else. File uploads work perfectly fine in the production evironment. They still fail with a permission denied error in the test environment and from what I can see, they look to be set up identically. Is there some other factor that I'm overlooking or don't know about? here is what the upload directory looks like for both environments: drwxrwxr-x 'user1' 'userGroup1' uploadDir both environments have a 'user1' that belongs to the 'userGroup1'. Both environments run cgi scripts as 'cgiUser' and the 'cgiUser' is a member of 'userGroup1'. the line of the cgi code thats failing on the test environment but working on production is: sysopen OUTPUT, $file{fullpath}, O_CREAT | O_RDWR | O_EXCL or error( "Unable to save your file." ); on production environment, I tried taking away write permissions for the group and it fails as expected. It works when the group has write permissions. On test, I can grant everyone write permissions and it works. When it uploads, the files are owned by 'cgiUser' as expected. I grant group write permissions only and it fails. I'm new to both perl and the unix evironment to some extent so sorry if I'm asking anything stupid here. Any advice that you can give me would be much appreciated. I'm off work for the day but I'll be back in the morning so thanks in advance for any feedback.
Back to
Seekers of Perl Wisdom
|
|