Yep, as you've said, using 777 could be huge mistake. The webserver doesn't run with the same user as you use to create files and folders.

是的，正如你所说，使用 777 可能是一个巨大的错误。网络服务器与您用于创建文件和文件夹的用户不同。

You have some options:

你有一些选择：

• Run the sitemap creation as a cronjob, using an user with rights to write there, other than the apache user.
• Put the sitemap in another directory, and the set up a 302 Redirector a symlink. In this case, if you have a security issue that let's someone to write your sitemap.xml, at least they'll not be able to create another file with a more dangerous extensions (like PHP, which may result in a site intrusion).
• Make a rewrite rule to redirect any hit to sitemap.xml, to a php script that outputs the appropriate XML.

• 将站点地图创建作为 cronjob 运行，使用具有写入权限的用户，而不是 apache 用户。
• 将站点地图放在另一个目录中，并设置一个302 Redirect或一个符号链接。在这种情况下，如果您有一个安全问题，让某人编写您的sitemap.xml.
• 制定重写规则，将任何命中重定向到 sitemap.xml，然后重定向到输出相应 XML 的 php 脚本。

Good luck!

祝你好运！

777 is pretty normal, because PHP does not run as you, it runs as a PHP user, Apache, etc. The fact is, your webhost should have a higher set of permissions that prevents other users from writing/deleting your files.

777 很正常，因为 PHP 不会像您一样运行，而是以 PHP 用户、Apache 等身份运行。事实是，您的虚拟主机应该具有更高的权限集，以防止其他用户写入/删除您的文件。

Does it work with group write enabled (i.e. 775)? Check your group permissions for the directory the file is in. As long as your PHP user (usually www-data) is part of that group, and it's the only user, you should be fine with 775 (or even 774).

它是否适用于启用组写入（即 775）？检查文件所在目录的组权限。只要您的 PHP 用户（通常是 www-data）是该组的一部分，并且它是唯一的用户，您应该可以使用 775（甚至 774）。

If you have ACL enabled on the webroot partition just grant the web server username full rights

如果您在 webroot 分区上启用了 ACL，只需授予 Web 服务器用户名完全权限

setfacl -m u:apache:rwx /var/www/html

Replace apachewith the web server username and /var/www/htmlwith your webroot location.

替换apache为 Web 服务器用户名和/var/www/html您的 webroot 位置。

I'm a beginner and I had this problem as well. I am using Ubuntu linux w/ php and apache

我是初学者，我也遇到了这个问题。我正在使用带有 php 和 apache 的 Ubuntu linux

• Write a php script w/ the following: <?php exec('whoami'); ?>and run it on your server. This tells you who the current user of the script is
• SSH to your server.
• Make a group that has read and write access to the files you need.
• Make group have read, write, and execute on folders you need.
• Make the current user you found in the first step, part of the group that has access to the files you need.
• Restart Apache: sudo apachectl restart

• 编写一个带有以下内容的 php 脚本：<?php exec('whoami'); ?>并在您的服务器上运行它。这会告诉您脚本的当前用户是谁
• SSH 到您的服务器。
• 创建一个对您需要的文件具有读写访问权限的组。
• 使组具有对您需要的文件夹的读取、写入和执行权限。
• 使您在第一步中找到的当前用户成为有权访问所需文件的组的一部分。
• 重启阿帕奇： sudo apachectl restart

main commands you need are:

您需要的主要命令是：

• groupadd: Create a new group
• usermod: add your user to a new group
• chgrp: changes files / folders to group you specify
• chmod: changes permissions on the files / folders you specify. All the commands you need are here: http://www.yolinux.com/TUTORIALS/LinuxTutorialManagingGroups.html

• groupadd：创建一个新组
• usermod：将您的用户添加到新组
• chgrp：将文件/文件夹更改为您指定的组
• chmod：更改您指定的文件/文件夹的权限。您需要的所有命令都在这里：http: //www.yolinux.com/TUTORIALS/LinuxTutorialManagingGroups.html

had the same problem

有同样的问题

Looks like apache is running as nobodyin the nobody group

如Apache看起来运行为无人没人组

so if you do a

所以如果你做一个

useradd -G nobody youruser

chown -R youruser:nobody .

Then change the permission to 0775

然后把权限改成0775

chmod -R 0775 .

or you may add nobody to your usergroup

或者您可以将任何人添加到您的用户组

useradd -G nobody yourgroup

this be a better solution

这是一个更好的解决方案

Like Pascal said! just find your apache user

就像帕斯卡说的！只需找到您的 apache 用户

<?php exec'whoami'; ?>

and then

进而

useradd -G username username2
chown -R username:username2 .
chmod -R 0775 .

And its done! Thank you Pascal!

大功告成！谢谢帕斯卡！