dortmundbvb0624
2018-10-21 22:02
浏览 169
已采纳

试图在Ubuntu 18.04 LTS上部署Symfony - setfacl不工作?

I'm following the guide here (admittedly it's a little dated) to deploy my first Symfony 4 project to production. It was going all good until I got to the file permissions. I did the steps specifically in Step 4 of the link :

sudo chown -R myuser:myuser /var/www/html
sudo chmod -R 750 /var/www/html
sudo setfacl -R -m u:www-data:rX /var/www/html/project
sudo setfacl -R -m u:www-data:rwX /var/www/html/project/var/cache /var/www/html/project/var/log
sudo setfacl -dR -m u:www-data:rwX /var/www/html/project/var/cache /var/www/html/project/var/log

That gives me

getfacl /var/www/html/project

# file: var/www/html/project/
# owner: myuser
# group: myuser
user::rwx
user:www-data:r-x
group::r-x
mask::r-x
other::---

and

getfacl /var/www/html/project/var/cache

# file: var/www/html/project/var/cache
# owner: myuser
# group: myuser
user::rwx
user:www-data:rwx
group::r-x
mask::rwx
other::---
default:user::rwx
default:user:www-data:rwx
default:group::r-x
default:mask::rwx
default:other::---

However when I go to run the web app I get a blank page and the error log shows

[crit] 3116#3116: *12 stat() "/var/www/html/project/public/" failed (13: Permission denied)

So it seems the setfacl isn't working? What am I doing wrong here? Is there a better guide for permissions?

图片转代码服务由CSDN问答提供 功能建议

我正在按照指南这里(诚然这有点过时了)部署我的第一个Symfony 4 项目到生产。 在获得文件权限之前,它一切顺利。 我在链接的第4步中专门执行了这些步骤:

  sudo chown -R myuser:myuser / var / www / html 
sudo chmod -R 750 / var / www /  html 
sudo setfacl -R -mu:www-data:rX / var / www / html / project 
sudo setfacl -R -mu:www-data:rwX / var / www / html / project / var / cache / var /  www / html / project / var / log 
sudo setfacl -dR -mu:www-data:rwX / var / www / html / project / var / cache / var / www / html / project / var / log 
   
 
 

这给了我

  getfacl / var / www / html / project 
 
#file:var / www /  html / project / 
#owner:myuser 
#group:myuser 
user :: rwx 
user:www-data:rx 
group :: rx 
mask :: rx 
other :: --- 
   
 
 

  getfacl / var / www / html / project / var / cache 
 
#file:var /  www / html / project / var / cache 
#owner:myuser 
#group:myuser 
user :: rwx 
user:www-data:rwx 
group :: rx 
mask :: rwx 
other ::  -   -  
默认:用户:: RWX 
默认:用户:WWW的数据:RWX 
默认:组:: RX 
默认:掩模:: RWX 
默认:其他:: --- 
   
 
 

然而,当我去运行网络应用程序时我 得到一个空白页面,错误日志显示

[crit] 3116#3116:* 12 stat()“/ var / www / html / project / public /” 失败(13:权限被拒绝)

所以似乎setfacl无效? 我在这做错了什么? 是否有更好的权限指南?

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duanba7653 2018-10-22 02:53
    已采纳

    Given the www-data user isn't a member of the myuser group, it requires +x permissions to descend through the /var/www/html directory. The existing permissions in the question are '750'. To change this:

    chmod o+x /var/www/html
    
    打赏 评论

相关推荐 更多相似问题