问题
I have set my local laravel 5 storage folder to permissions 755 and to user www-data, as I use apache2 on my machine. However I was getting blank screens instead of stack traces on errors so I changed the permissions to 777 which resolved the issue.
However I feel this is a (terrible) bandaid as really it is allowing any user to modify this directory with all permissions rather than the correct user with limited permissions. I don't know if this issue will affect the development or production server but granting those permissions in such a scenario is not an option.
How do I figure out which user (or group) actually needs permissions to use this directory for laravel logging so I can assign the directory to them and return the permissions back to 755?
I have tried
ps aux | egrep '(apache|httpd)'
but it shows that most processes are being run as www-data...
回答1:
You're on the right track with ps aux | egrep '(apache|httpd)'.
Processes
Apache/httpd is started as user root, but then it spawns processes to handle incoming request as the user defined in it's configuration. That default user is usually either www-data or apache.
Server OS
On CentOS/RedHat servers, you'll likely see processes being run as user/group apache (this is the default).
On Debian/Ubuntu, the default user set for the processes handling requests is www-data.
This all assumes apache is using mod-php. If you are using php-fpm, the use running PHP may be configured separately (altho it has the same defaults as apache in my experience).
Permissions for storage
As it sounds like you know, the storage directory needs to be writable by the user or group (depending on permissions) running those processes.
www-data?
It sounds like the result of ps aux | egrep '(apache|httpd)' was www-data, so it's likely, but not 100% definitive, that the directory needs to be writable by user/group www-data (either by setting it as the owner and ensuring owner has those permissions, or setting it via group permissions, or making it world-writable).
A quick test
One easy way to tell is if you delete the log file / view cache files from the storage directory, and then make that directory world-writable.
Make some requests in Laravel that would re-generate those files, and then see what user/group is set on the new files.
That is one way to see what the user/group is set to of the process running PHP.
回答2:
Are the folders in storage set to 755 too?
If not, you should change the permissions recursively by doing chmod -R 755 storage. Just take care when you use chmod -R because you could set the entire server to 755 by mistake.
来源:https://stackoverflow.com/questions/34175523/proper-laravel-storage-permissions