适当的 Laravel 存储权限
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/34175523/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Proper laravel storage permissions
提问by myol
I have set my local laravel 5 storage folder to permissions 755and to user www-data, as I use apache2on my machine. However I was getting blank screens instead of stack traces on errors so I changed the permissions to 777which resolved the issue.
我已将我的本地 laravel 5 存储文件夹设置为 permissions755和 user www-data,就像我apache2在我的机器上使用的那样。但是,我得到的是空白屏幕而不是错误的堆栈跟踪,因此我更改了777解决问题的权限。
However I feel this is a (terrible) bandaid as really it is allowing anyuser to modify this directory with all permissions rather than the correct user with limited permissions. I don't know if this issue will affect the development or production server but granting those permissions in such a scenario is not an option.
但是,我觉得这是一个(可怕的)创可贴,因为它实际上允许任何用户以所有权限而不是具有有限权限的正确用户来修改此目录。我不知道这个问题是否会影响开发或生产服务器,但在这种情况下授予这些权限不是一种选择。
How do I figure out whichuser (or group) actually needs permissions to use this directory for laravel logging so I can assign the directory to them and return the permissions back to 755?
我如何确定哪个用户(或组)实际上需要使用此目录进行 Laravel 日志记录的权限,以便我可以将目录分配给他们并将权限返回给 755?
I have tried
我试过了
ps aux | egrep '(apache|httpd)'
but it shows that most processes are being run as www-data...
但它表明大多数进程正在运行www-data...
采纳答案by fideloper
You're on the right track with ps aux | egrep '(apache|httpd)'.
你在正确的轨道上ps aux | egrep '(apache|httpd)'。
Processes
流程
Apache/httpd is started as user root, but then it spawns processes to handle incoming request as the user defined in it's configuration. That default user is usually either www-dataor apache.
Apache/httpd 以 user 身份启动root,但随后它会生成进程以按照其配置中定义的用户身份处理传入请求。该默认用户通常是www-data或apache。
Server OS
服务器操作系统
On CentOS/RedHatservers, you'll likely see processes being run as user/group apache(this is the default).
在CentOS/RedHat服务器上,您可能会看到以用户/组身份运行的进程apache(这是默认设置)。
On Debian/Ubuntu, the default user set for the processes handling requests is www-data.
在Debian/Ubuntu 上,为处理请求的进程设置的默认用户是www-data.
This all assumes apache is using mod-php. If you are using php-fpm, the use running PHP may be configured separately (altho it has the same defaults as apache in my experience).
这一切都假设 apache 正在使用 mod-php。如果您正在使用php-fpm,则可以单独配置运行 PHP 的使用(尽管根据我的经验,它与 apache 具有相同的默认值)。
Permissions for storage
权限 storage
As it sounds like you know, the storagedirectory needs to be writable by the user or group (depending on permissions) running those processes.
正如您所知,该storage目录需要可由运行这些进程的用户或组(取决于权限)写入。
www-data?
www-数据?
It sounds like the result of ps aux | egrep '(apache|httpd)'was www-data, so it's likely, but not 100% definitive, that the directory needs to be writable by user/group www-data(either by setting it as the owner and ensuring owner has those permissions, or setting it via group permissions, or making it world-writable).
这听起来像是ps aux | egrep '(apache|httpd)'was的结果www-data,所以很可能,但不是 100% 确定,目录需要可由用户/组写入www-data(通过将其设置为所有者并确保所有者具有这些权限,或通过组权限设置它,或使其成为世界可写)。
A quick test
快速测试
One easy way to tell is if you delete the log file / view cache files from the storagedirectory, and then make that directory world-writable.
一种简单的判断方法是,是否从storage目录中删除日志文件/查看缓存文件,然后将该目录设置为全局可写。
Make some requests in Laravel that would re-generate those files, and then see what user/group is set on the new files.
在 Laravel 中发出一些请求来重新生成这些文件,然后查看在新文件上设置了哪些用户/组。
That is one way to see what the user/group is set to of the process running PHP.
这是查看运行 PHP 的进程的用户/组设置的一种方法。
回答by Alex
Are the folders in storageset to 755 too?
文件夹是否也storage设置为 755?
If not, you should change the permissions recursively by doing chmod -R 755 storage. Just take care when you use chmod -Rbecause you could set the entire server to 755 by mistake.
如果没有,您应该通过执行递归更改权限chmod -R 755 storage。使用时要小心,chmod -R因为您可能会错误地将整个服务器设置为755。
