Thursday, October 27, 2022

[SOLVED] How to Get Shell Script to Change File Permissions?

Issue

I have a webpage where users can upload a file. After the upload, the webpage calls a shell script to move the uploaded file to another location. I'm certain the "mv" command is failing because of a permissions issue, but I'm uncertain how to overcome this.

First things first. My webpage runs on an Ubuntu 16.04 server and Apache2 2.4.41. When the user uploads a file, that file is saved on the server in directory /var/www/html/uploads:

me@myServer:/var/www/html/uploads$ ls -l
total 44
-rw-r--r-- 1 www-data www-data   761 Feb 21 15:38 UsersUploadedFile.txt
me@myServer:/var/www/html/uploads$

I notice that the file is owned by user www-data.

Once the file is uploaded, the webpage calls this shell script to move the file to another directory:

#!/bin/bash
echo "Attempting to move the uploaded file..."
{
        mv /var/www/html/uploads/UsersUploadedFile.txt  /home/me/UsersUploadedFile.txt
} || {
   echo "Gah, failed to move the file!"
}

When the file is uploaded, you see this on my webpage:

Attempting to move the uploaded file...
Gah, failed to move the file!

So the "mv" command is failing.

My first instinct was that this was a permissions issue. The file-to-be-moved is owned by user www-data, as I mentioned before. The shell script is too:

me@myServer:/var/www/html$ ls -l
total 36
-rwxr-xr-x 1 www-data www-data  593 Feb 21 15:53 moveTheFile.sh
me@myServer:/var/www/html$

But the directory where I want to file to be moved is owned by user me, and I can't change that for other scripting reasons.

What I guess I'd like to do is to is have the shell script change UsersUploadedFile.txt 's ownership to user me, and then move the file. But if I insert a chown command into the shell script, that command fails, too.

It looks like user www-data is running the apache2 service, therefore also running the shell script...? I'm not sure.

me@myServer:/var/www/html$ ps -ef | grep apache
root      14931      1  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  14934  14931  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  14935  14931  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  14936  14931  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  14937  14931  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  14938  14931  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  14942  14931  0 13:00 ?        00:00:00 /usr/sbin/apache2 -k start
ph9821    15165  14831  0 16:03 pts/2    00:00:00 grep --color=auto apache
me@myServer:/var/www/html$

So what might I be doing wrong here? And how can I get the shell script to change file permissions? I guess that's what I really need done here. Thank you.


Solution

This is a permission issue. User www-data cannot write a file in your home directory.

Assuming your home directory is owned by user "me" and group "me", you will have to set permissions on your home directory so your group can write into it (it should already). Then add user www-data in that group.

Important note

If you put permission 777 on your home directory, then every user on the system can write into that directory! You should put 775 or 770. Only you and your group should be able to write (and maybe read also, depending on your requirement). Not important if this is your own machine, critical if this is a machine with many users.

Remember permissions are: user group others. 777 is rwx for all 3. It can be dangerous.



Answered By - Nic3500
Answer Checked By - David Marino (WPSolving Volunteer)