Unless you're familiar with the linux command-line, setting up file permissions can be tedious and difficult. Add a migration into the mix and it becomes very easy to have a Files directory that isn't writable by the web-server. This tutorial is meant to make this process a bit easier and leave you with a files directory that is not only writable by the webserver, but includes a "sticky" permission to ensure that all files created inside of it inherit the proper read/write access permissions.
Make sure the Files directory is owned by the proper user and group
A user may have been created specifically to house the code, or you may be using root (e.g. Pantheon). Either way, navigate to /sites/default and:
chown -R :www-data files
This will recursively set the group owner as the Apache user.
Setting the proper permission on the Files directory
From /sites/default, we'll modify the permissions on the files directory:
chmod g+ws files
Notice that we didn't recursively modify the permissions. This will happen later. For now, we're just giving the Files directory a permission set that should look like this ("ls -al" is your friend): drwxrwsr-x
This will allow the user (you) and the group (Apache) the ability to read/write within Files. the "s" makes the directory sticky, so that any files within will inherit the read/write access automatically.
If this is a new Files directory and doesn't yet have anything in it, you're done. Otherwise, keep reading...
Fixing the permissions of pre-existing files in the Files directory
The Files directory is now set up correctly, but all of the files are still inaccessible, or perhaps do not allow write access by Apache. You might be fooled into thinking that things are done, as you should be able to successfully upload files. However, if you want to modify or delete something that already exists, you may not be able to without performing the following steps
- Navigate to /sites/default/files
- Issue the following command to adjust directory permissions:
- Issue the following command to adjust file permissions:
find . -type d -exec chmod g+ws {} \;
This will recursively give all directories read/write/sticky (just like the permission you already applied to the files directory).
find . -type f -exec chmod 664 {} \;
This will recursively give all files read/write by user/group, and read to anonymous (e.g. world).
And you're done! The files directory should now be operating smoothly.
Comments
Virgil
Thank you!!!!
I searched for hours and nothing worked. Your solution was amazing.
Count Zero
Thank you very much, indeed!
Syamsul
Thanks a great deal! This has solved my headache!
PJ
Hello,
I urgently need to do this in order to update my modules in Drupal 7. However, I am newbie and am at a total loss of where and how to do this! I am sorry if this is a really stupid question, but I am hosting a website on HostMonster and have no clue where I can go and enter the code you have kindly shared with us.
Any guidance will be helpful.
Thank you,
PJ
Wolf_22
Some hosts prevent you from altering files if they're owned by apache. I know that is the case with my host. So therefor, your first bit of instruction isn't very sound, or at least, virtuous.
If I set my entire Drupal installation to be owned by apache, that would make my abilities of doing ANYTHING with the ENTIRE INSTALLATION, perilous. I wouldn't be able to change anything...
Why would I want to do that?
Thomas
How about files hosted locally?
Who would the Apache user and group be?
Add your two cents