Get the most out of your Centmin Mod LEMP stack
Become a Member

Permission changes on upgrades

Discussion in 'Install & Upgrades or Pre-Install Questions' started by SneakyDave, Nov 15, 2014.

Tags:
  1. SneakyDave

    SneakyDave Member

    84
    14
    8
    Jul 24, 2014
    Ratings:
    +22
    Local Time:
    10:21 PM
    1.0.15
    I don't think this is specific to centminmod, but it just so happens to cause me the most grief.

    Whenever I do a yum update on my server, the permissions for the /home/nginx/ user get reset to a lower permission than I need. I assume this is a security feature or something to protect users's home directories?

    I have the /home/nginx/domains/ directory set to group writable so that I can use another user in the "nginx" group to ftp and/or edit files in those directories, but I have to reset those permissions everytime I do an upgrade, or perhaps when a certain upgrade happens, not sure which.


    Is there a way to fix that, or do I have to possible run a cron routinely to set the correct permissions?

    I have a similar problem with a CentOS box (not centminmod) where the /var/lib/php directory is changed to be owned by root, and unwritable by anybody else, but /var/lib/php is the default directory for saved sessions in php.ini. So I have to reset that directory to be writable on every yum update, or I should just reassign that saved session directory, if I was smart. :LOL:
     
  2. eva2000

    eva2000 Administrator Staff Member

    54,599
    12,225
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,794
    Local Time:
    2:21 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    strange, I honestly haven't come across this at all with Centmin Mod and CentOS 6.5 at least and CentOS 7.0 too early to tell

    what are the permissions before and after yum updates for

    Code:
    ls -lah /home/nginx
    ls -lah /home/nginx/domains
    you can use yum history command to narrow down which yum package updates are around the time of permission changes
     
  3. SneakyDave

    SneakyDave Member

    84
    14
    8
    Jul 24, 2014
    Ratings:
    +22
    Local Time:
    10:21 PM
    1.0.15
    Right now, /home/nginx is
    Code:
    xxxxx /home/nginx/domains: ls -lah /home/nginx/
    total 24K
    drwxrwsr-- 3 nginx nginx 4.0K Sep 30 00:14 .
    drwxr-xr-x 6 root  root  4.0K Sep 30 00:14 ..
    -rw-rw-r-- 1 nginx nginx   18 Sep 26 02:13 .bash_logout
    -rw-rw-r-- 1 nginx nginx  176 Sep 26 02:13 .bash_profile
    -rw-rw-r-- 1 nginx nginx  124 Sep 26 02:13 .bashrc
    drwxrwsr-- 6 nginx nginx 4.0K Oct 21 00:32 domains
    
    And /home/nginx/domains is:
    Code:
    
    xxxxx /home/nginx/domains: ls -lah /home/nginx/domains
    total 24K
    drwxrwsr-- 6 nginx nginx 4.0K Oct 21 00:32 .
    drwxrwsr-- 3 nginx nginx 4.0K Sep 30 00:14 ..
    drwxrwsr-- 6 nginx nginx 4.0K Oct 30 00:40 thesiteiuse.com
    drwxr-sr-x 6 nginx nginx 4.0K Oct 21 00:32 someothersite.com
    drwxrwxr-- 6 nginx nginx 4.0K Sep 30 00:14 someothersite.com
    drwxr-sr-x 6 nginx nginx 4.0K Oct 21 00:32 someothersite.com
    
    The "thesiteiuse.com" directory has group read/write, that is what I had to add after the upgrade.

    Now that I think about it, I'm not sure that the group permissions were removed, but that the owner might have been changed from myuser:nginx to nginx:nginx. I'll have to look at this more the next time I upgrade.

    Thanks for the history tip, that might point something going on to.