You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: README.md
+13-13
Original file line number
Diff line number
Diff line change
@@ -3,21 +3,21 @@
3
3
This script sets the permissions and ownership of the files of a Drupal
4
4
installation.
5
5
6
-
This is loosely based on the information provided by Drupal documentation page
6
+
This is loosely based on the information provided by the Drupal documentation page
7
7
"[Securing file permissions and ownership](https://www.drupal.org/node/244924)".
8
8
9
9
## Details
10
10
11
11
For security reasons, the code files of a website should not be writable. At the
12
12
same time, the website should be able to create files (for example, when a user
13
-
uploads an image). This means that there two types of files and folders: content
13
+
uploads an image). This means that there are two types of files and folders: content
14
14
and code.
15
15
16
-
There will be two users involved: a regular UNIX user, we'll call they the
16
+
There will be two users involved: a regular UNIX user, we'll call them the
17
17
deploy user, that is in charge of managing the code (typically deploying new
18
18
releases), and the user under which the web server process is running.
19
19
20
-
This scripts tries to secure the site using the following scheme:
20
+
This script tries to secure the site using the following scheme:
21
21
22
22
- Code is owned by the deploy user and by the web server's
23
23
group. Deploy user can write, web server group only read.
@@ -40,9 +40,9 @@ In UNIX terms:
40
40
41
41
## Installation
42
42
43
-
Clone or donwload the repository content to your server.
43
+
Clone or download the repository content to your server.
44
44
45
-
Link to `drupal_fix_permissions.sh` in the `/usr/local/bin` or another folder present in users' PATH.
45
+
Link to `drupal_fix_permissions.sh` in the `/usr/local/bin` or another folder present in the user's PATH.
46
46
47
47
If you are using `autofix-drupal-perms.sh`, link it as well. Because it expects `drupal_fix_permissions.sh` to be at `/usr/local/bin` make sure that path exists or edit the autofix script.
48
48
@@ -71,10 +71,10 @@ folder and using `deploy` as the deploy user.
71
71
72
72
## Strategy
73
73
74
-
The scripts checks if the target folder is a Drupal installation and stops if
74
+
The script checks if the target folder is a Drupal installation and stops if
75
75
it is not detected.
76
76
77
-
Once checked, it fixes the ownership of all folder and files (because it is the
77
+
Once checked, it fixes the ownership of all folders and files (because it is the
78
78
same for content and code). Then, it fixes the code and later the content.
79
79
80
80
The script assumes that `files` and `private` folders under `sites` are content
@@ -91,8 +91,8 @@ folder and fixes permissions accordingly: it fixes ownership (owner: deploy
91
91
user, group: web server) and removes any permissions for other users.
92
92
93
93
It doesn't apply standard permissions of code files because in `vendor` folders
94
-
there are some files that needs to be executable. It would be hard to detect all
95
-
the cases that needs executable permissions so the script doesn't handle
94
+
some files need to be executable. It would be hard to detect all
95
+
the cases that need executable permissions so the script doesn't handle
96
96
permissions for the owner or the group and just removes all permissions for
97
97
other users.
98
98
@@ -103,15 +103,15 @@ run again to remove all permissions on other users.
103
103
104
104
## Performance
105
105
106
-
The script only changes the files and folder with the wrong permissions or
106
+
The script only changes the files and folders with the wrong permissions or
107
107
ownership, making it very fast when only a few files or folders need a fix. For
108
108
really big installations this is very important as other scripts apply the
109
109
permissions and ownership regardless are needed o not.
110
110
111
111
## Root permissions
112
112
113
-
Giving root permissions to regular user is dangerous. Luckily, there's a simple
114
-
script, `autofix-drupal-perms.sh`, to allow regular users fix their sites
113
+
Giving root permissions to regular users is dangerous. Luckily, there's a simple
114
+
script, `autofix-drupal-perms.sh`, to allow regular users to fix their sites
115
115
without risking the security.
116
116
117
117
This script has no parameters, so it can be easily added to the sudoers. When
0 commit comments