Mac OS X 下 Apache 2 站点文件/文件夹的所有者/组/权限是否正确?
在网上很难找到这个问题的针对 Mac 的答案,所以我希望有人可以帮我解决这个问题?我的网站上的权限被搞砸了,我不知道如何修复它们,而不只是在所有明显不正确的事情上猛击递归 777。
谢谢!
It's hard to find Mac-specific answers to this question on the web, so I'm hoping someone out there can put this one to rest for me? My permissions are screwed up on my sites and I'm not sure how to fix them without just slamming a recursive 777 on everything which is quite obviously incorrect.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
我知道这是一篇旧文章,但对于升级到 Mountain Lion (10.8) 并遇到类似问题的任何人,请将
FollowSymLinks
添加到您的 {username}.conf 文件(在 /etc/apache2/users/ 中)为我成功了。所以该文件看起来像这样:I know this is an old post, but for anyone upgrading to Mountain Lion (10.8) and experiencing similar issues, adding
FollowSymLinks
to your {username}.conf file (in /etc/apache2/users/) did the trick for me. So the file looks like this:两个月前的帖子,但迟到总比不到好!在 10.6 上,我将 Web 服务器文档文件夹设置为:
_www 是在 Mac OS X 下运行 apache 的用户。然后我添加了 ACL 以允许管理员组具有完全权限。这样,我仍然可以使用管理员用户进行任何更改,而无需以 root 身份进行身份验证。
另外,当我想允许网络服务器写入文件夹时,我可以简单地 chmod 到 775,让除 root:_www 之外的所有人仅具有读取/执行权限(不包括我应用的任何 ACL)
2 month old thread, but better late than never! On 10.6, I have my webserver documents folder set to:
_www is the user that runs apache under Mac OS X. I then added an ACL to allow full permissions to the Administrators group. That way, I can still make any changes with my admin user without having to authenticate as root.
Also, when I want to allow the webserver to write to a folder, I can simply chmod to 775, leaving everyone other than root:_www with only read/execute permissions (excluding any ACLs that I have applied)
在我的 10.6 系统上:
On my 10.6 system:
对我来说,用户所有者是 admin 用户,组是 _www,并且目录的权限设置为 775,文件的权限设置为 664
The user owner for me is the admin user and the group is _www and works with permissions set to 775 for dir and for files 664
Catalina 更新/桌面权限
我每年都会在 macOS 上遇到一次这种情况。我通常使用 apache2 来托管
我桌面上的文件夹。
如果您尝试授予对
desktop
文件夹的访问权限,则需要遵循以下步骤以允许 httpd 访问所有文件夹:https://apple.stackexchange.com/a/373139/353465Catalina Update / Desktop Permissions
I come across this once a year on macOS. I usually use apache2 for hosting a
folder on my desktop.
If you are trying to give access to the
desktop
folder you need to follow this to allow httpd to have access to all folders: https://apple.stackexchange.com/a/373139/353465首先打开终端,然后转到网络服务器的目录
,然后输入此内容,您要做的就是授予
读取
和写入
权限这肯定会起作用!
Open up terminal first and then go to directory of web server
and then type this and what you will do is you will give
read
andwrite
permissionThis will surely work!
这是我发现的最严格和最安全的方法,正如此处针对您的 Web 内容的假设
~/my/web/root/
目录所解释的:~/my
、~/my/web
、~/my/web/root
):chmod go-rwx DIR
(除所有者之外,任何人都无法访问内容)chmod go+x DIR
(允许包括 _www 在内的“用户”“输入”目录)sudo chgrp -R _www ~/my/web/root
(所有网页内容现在都是组 _www)chmod -R go-rwx ~/my/web/root
(除了所有者之外,没有人可以访问网页内容)chmod -R g+rx ~/my/web/root
(所有网页内容现在可由 _www 读取/执行/输入)所有其他解决方案将文件保持打开状态其他本地用户(他们是“staff”组的一部分,并且显然属于“o”/其他组)。然后,这些用户可以自由浏览和访问您的 Web 配置文件和脚本中的数据库配置、源代码或其他敏感详细信息(如果这些是您内容的一部分)。如果这对您来说不是问题,那么请务必采用更简单的解决方案之一。
This is the most restrictive and safest way I've found, as explained here for hypothetical
~/my/web/root/
directory for your web content:~/my
,~/my/web
,~/my/web/root
):chmod go-rwx DIR
(nobody other than owner can access content)chmod go+x DIR
(to allow "users" including _www to "enter" the dir)sudo chgrp -R _www ~/my/web/root
(all web content is now group _www)chmod -R go-rwx ~/my/web/root
(nobody other than owner can access web content)chmod -R g+rx ~/my/web/root
(all web content is now readable/executable/enterable by _www)All other solutions leave files open to other local users (who are part of the "staff" group as well as obviously being in the "o"/others group). These users may then freely browse and access DB configurations, source code, or other sensitive details in your web config files and scripts if such are part of your content. If this is not an issue for you, then by all means go with one of the simpler solutions.
如果您真的不喜欢终端,dkamins 会告诉您 GUI 方式:
1) 转到您的用户主目录(ludo 是我的)并从文件< /strong> 菜单在检查器中选择 获取信息 cmdI :
2) 通过 alt/option 单击 [+] 符号添加 _www< /strong> 组并将其权限设置为只读:
3 ) 显示用户站点文件夹的获取信息检查器并重现步骤 2,然后从齿轮操作子菜单中选择应用到包含的项目... :
Voilà 3 个步骤和 GUI 唯一方法。 ..
If you really don't like the Terminal here is the GUI way to do dkamins is telling you :
1) Go to your user home directory (ludo would be mine) and from the File menu choose Get Info cmdI in the inspector :
2) By alt/option clicking on the [+] sign add the _www group and set it's permission to read-only :
3) Show the Get Info inspector of your user Sites folder and reproduce step 2 then from the gear action sub-menu choose Apply to enclosed Items... :
Voilà 3 steps and the GUI only way...