Dragonfly permissions problem on server

walterdavis · October 11, 2011, 4:42pm

I am running in production on Ubuntu 10 with Passenger and Apache2. I just had to set my system/dragonfly folder to 777 in order to allow uploads to work, and that doesn't seem like a good idea or even necessary. What''s the trick to get this to work correctly (as in not world-writable folders inside the Web root)?

Thanks in advance,

Walter

Craig_White · October 11, 2011, 4:54pm

I am running in production on Ubuntu 10 with Passenger and Apache2. I just had to set my system/dragonfly folder to 777 in order to allow uploads to work, and that doesn't seem like a good idea or even necessary. What''s the trick to get this to work correctly (as in not world-writable folders inside the Web root)?

walterdavis · October 11, 2011, 5:12pm

My logs are being written to by root, but dragonfly is using the nobody/nogroup user on this machine. What I did (reminder to self for next time) was to momentarily set public/system to 777, delete dragonfly from there, and upload one photo (which created all the folders and subfolders with the correct ownership and permissions). Then I set public/system back to 755 and it seems to continue working correctly.

Walter

Craig_White · October 11, 2011, 5:48pm

I am running in production on Ubuntu 10 with Passenger and Apache2. I just had to set my system/dragonfly folder to 777 in order to allow uploads to work, and that doesn't seem like a good idea or even necessary. What''s the trick to get this to work correctly (as in not world-writable folders inside the Web root)?

---- generally a passenger/rails application will run as the same user who owns RAILS_ROOT/config/environment.rb or in the case of a Rack based application, RAILS_ROOT/config.ru but that can be overridden in the apache config (passenger_user). As long as this 'user' has write permissions, that should be sufficient and should in all likelihood be the same user writing to RAILS_ROOT/log/[development|production].log

Craig

My logs are being written to by root, but dragonfly is using the nobody/nogroup user on this machine. What I did (reminder to self for next time) was to momentarily set public/system to 777, delete dragonfly from there, and upload one photo (which created all the folders and subfolders with the correct ownership and permissions). Then I set public/system back to 755 and it seems to continue working correctly.