Getting Started With Azure Linux VMs
Written by Mike James   
Thursday, 17 April 2014

Permissions

There is a problem that you are going to encounter over and over again when working with your new virtual machine - permissions. 

Linux/Unix permissions are a problem for a development system because they generally stop you from writing files and creating directories. 

My advice is that any time something "strange" happens you should suspect that the file you think you have just written hasn't been written or modified as you suppose. Don't believe the evidence of your eyes, because many times FileZilla will not report a problem in writing a file - or will do it so quickly you don't notice.

What is worse is that FileZilla will allow you to change permissions on files - but in most cases it won't actually succeed in changing them as you don't have permission to change them.

To successfully cope with permissions you have to use the command line as root, i.e. use sudo on an Ubuntu system.

To make sense of permissions a quick course for the beginner is needed.

Linux/Unix recognizes three types of user - the owner, the group and the public, i.e. the rest of the world - and each can have read, write or execute permission on a given object.

In general the owner has the highest permission and can usually do anything to the object. The group has the next highest and the public the lowest.

Every user can be a member of multiple groups but only one group is the user's default group.

When a user creates a file they are the owner, and the object can assign access rights to the owner's default group.

This system works well for a production system but less well for a development system. 

Take for example the document root /var/www. This has to be accessible to Apache but only with read permission. The Apache process runs as user www-data and when your machine is first set up this user owns all of the folders and files from /var/www down. This means that you can't ftp new files and folders.

How to solve this problem?

There are a number of opinions, but they are mostly based on what you should do in a production system. For a development system arguably the best solution is to change the ownership of all of the files and folders in the document root to the developer and make the developer's default group www-data or something with a more appropriate name.

The idea is that the owner and the group have all permissions needed to access and change the files and the rest of the world has minimum permissions. In a production system you can keep the same setup but the group would only have read access and its only member would be the Apache server.

The first thing to do is to change the user to have www-data as their default group:

sudo usermod -g www-data azureuser

Next you need to change the owner and group of all of the files to azureuser and www-data:

sudo chown -R azureuser:www-data /var/www

The -R means perform the action recursively on all files and folders.

To check the ownership and group use:

sudo ls -l /var/www

or just look at the Owner/Group column in FileZilla. 

Finally you can set the privileges on all folders and files to read/write/execute for owner and group and to nothing for public:

sudo chmod -R 770 /var/www 

Following this you and any member of the www-data group should be able to work with the files via FTP or the command line. 

One recurring problem is that when you copy files from other locations the owner and group will be set to the user logged into the FTP server and their default group. The permissions will also not be changed to 770 and so you might have to execute the chown and chmod commands on a regular basis.

There are ways around this but it would take us beyond this simple setup.
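
The drift described above can be checked for before re-running chown and chmod blindly. This is an added example, not part of the original article: a POSIX shell script that lists entries under the document root that no longer match the azureuser:www-data 770 setup, lists anything still accessible to the public, and re-applies ownership and mode only where needed. The function names and the audit/repair arguments are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the article): audit and repair drift in a development
# document root. Defaults assume the article's setup: azureuser, www-data, 770.
DOCROOT=${DOCROOT:-/var/www}
OWNER=${OWNER:-azureuser}
GROUP=${GROUP:-www-data}

# List entries whose owner, group or mode differs from OWNER:GROUP and 770.
docroot_drift() {   # usage: docroot_drift DIR OWNER GROUP
    find "$1" \( ! -user "$2" -o ! -group "$3" -o ! -perm 770 \) -print
}

# List entries that grant any read, write or execute bit to "public".
docroot_world_access() {   # usage: docroot_world_access DIR
    find "$1" \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Re-apply ownership and mode to drifted entries only (needs sudo on a real VM).
docroot_repair() {   # usage: docroot_repair DIR OWNER GROUP
    find "$1" \( ! -user "$2" -o ! -group "$3" -o ! -perm 770 \) \
        -exec chown "$2:$3" {} + -exec chmod 770 {} +
}

# Hypothetical command-line interface: "audit" reports, "repair" fixes.
case "${1:-}" in
    audit)
        docroot_drift "$DOCROOT" "$OWNER" "$GROUP"
        docroot_world_access "$DOCROOT"
        ;;
    repair)
        docroot_repair "$DOCROOT" "$OWNER" "$GROUP"
        ;;
esac
```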

Finally notice that this isn't a good way to set up a production server as the www-data group has too many members and too many privileges to be secure. Also notice that in a production server permissions for folders and files should be different - look it up on the web.

Some Extras

Now you have a basic LAMP server what you do next depends on your preferences. 

The biggest problem that most Windows users will have is getting back in touch with the command line. There are some things that can help:

  • Use PuTTY and copy and paste as much as possible.
  • To edit files the simplest thing to do is set up a local editor - my favourite is Notepad+ - and then use FileZilla's remote edit facility to automatically download any file you want to edit into Notepad+. When you have finished editing, the file is automatically uploaded to the server.
  • If you want GUI help in managing MySQL install phpmyadmin. As long as you are using the latest LTS Ubuntu you can do it using

sudo apt-get install phpmyadmin

all you have to do is select apache2 as the web server and supply a logon password for MySQL. To add phpmyadmin to the configuration files use:

sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf

and restart Apache

 sudo /etc/init.d/apache2 reload

You can then access it using:

 http://<hostname>/phpmyadmin

 

If you want a more general GUI admin panel then try Webmin which is like cPanel but open source. To install it use:

sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python

Some of these packages will already be installed. Next download the package:

sudo wget http://prdownloads.sourceforge.net/webadmin/webmin_1.580_all.deb

and finally install the package using

sudo dpkg -i webmin_1.580_all.deb

You also need to add an endpoint to port 10000 using the Azure manager so that webmin can be reached. 


You also need to set up root with a password as webmin doesn't log on using SSH.

sudo passwd 

After this you can run webmin using 

https://<hostname>:10000

and log in as root with whatever password you specified.

From here you can set up other users and groups and generally work with the system without the command line.

You can also spend a lot of time setting up additional modules - but that's another story.
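
The Webmin package above is fetched over plain HTTP and then installed as root, so a digest check between the wget and the dpkg step is worth having. This is an added example, not part of the original article: it installs webmin_1.580_all.deb only if its SHA-256 matches a digest obtained separately from the publisher. The article gives no digest, so EXPECTED_SHA256 is a labelled placeholder, and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the article): install the downloaded package only if
# its SHA-256 matches a digest obtained separately from the publisher.
DEB=${DEB:-webmin_1.580_all.deb}
# Placeholder: the article gives no digest; paste the published one here.
EXPECTED_SHA256=${EXPECTED_SHA256:-REPLACE_WITH_PUBLISHED_SHA256}

# Return 0 on match, 1 on mismatch, 2 if FILE is missing,
# 3 if EXPECTED is not a 64-digit hex string (e.g. the placeholder).
deb_matches_sha256() {   # usage: deb_matches_sha256 FILE EXPECTED
    [ -f "$1" ] || return 2
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case "$want" in
        *[!0-9a-f]*) return 3 ;;
    esac
    [ "${#want}" -eq 64 ] || return 3
    got=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$got" = "$want" ]
}

# Run dpkg only after the digest check passes.
install_if_verified() {   # usage: install_if_verified FILE EXPECTED
    if deb_matches_sha256 "$1" "$2"; then
        sudo dpkg -i "$1"
    else
        echo "refusing to install $1: SHA-256 check failed" >&2
        return 1
    fi
}

# Hypothetical command-line interface: "install" verifies, then installs.
case "${1:-}" in
    install) install_if_verified "$DEB" "$EXPECTED_SHA256" ;;
esac
```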


There is a lot more to learn if you want to administer a production server, but from the point of view of development this is more or less all you need to know. Your next step is to set up a development system like NetBeans or Visual Studio for the PHP website you are working on - look out for a future article.


Last Updated ( Thursday, 17 April 2014 )