I'm trying to setup a new test site on my local workstation and I keep running into errors related to insufficient access-rights (aka "ACL" or Access Control Lists). I've been reviewing the "Installation Guide" and the Documentation wiki and this forum, too, but I haven't found anything that clearly summarizes what's going on. Instead, the Install Guide says something along the lines of "At this point we assume you have everything setup properly." Gee, thanks...
- Joomla 1.5.9, installed to default Apache site in /var/www
- Ubuntu 8.10 (Desktop, not server)
- default LAMP setup (via 'tasksel install lamp-server' command)
- Apache 2.2.9
- MySQL 5.0.67
- PHP 5.2.6
ACL TWEAKS SO FAR
Just to get through the initial install I had to make the following changes:
- chmod g+rw /var/www
- chmod o+rw /var/www
- chmod o+rw /var/www/tmp
- chmod o+rw /var/www/templates
- added myself as a member of group 'root'
Note: I haven't used the "-R" option (to apply the ACL to all sub-folders) because I'm trying not to totally nuke the original security of the site.
- If I install "XAMPP" for Linux will my OS automatically maintain it, i.e., install updates? If I install Ubuntu's "lamp-server" then it does.
- Is there a summary of needed ACL changes for a generic Linux install of Apache, MySQL and PHP?
- What login or 'context' is the Joomla app running under? I think it's "www-data" but I'm not sure.
- Should I add "www-data" (or whichever account) as a member of the "root" group?
- Or, should I change the Group for the entire /var/www folder (plus subs) to "www-data"? (This would be instead of my current workaround, adding read-write access to Other, which seems like a gaping security hole.) Or, would that Group change fsck Apache somehow?
Thank you for any help. Worst case, I'll just make the whole thing read-write... and then never expose it to the Internet!
***** Manual signatures are NOT allowed *****