166

Having installed the web server is there a simple way to set a user able to use the graphic interface to copy files and directories to the local web server /var/www

I gave myself administrative privileges in Ubuntu but it still doesn't allow copies.

Jorge Castro
  • 73,717
k_graham
  • 1,761

8 Answers8

255

If you make /var/www writeable by its group and add the user to the group, that user will not have to use sudo. Try this:

sudo adduser <username> www-data
sudo chown -R www-data:www-data /var/www
sudo chmod -R g+rwX /var/www

The user should then be able to edit /var/www/ files without hassle.

The first line adds the user to the www-data group, the second line clears up any files with messed up ownership, and the third makes it so that all users who are members of the www-data group can read and write all files in /var/www.

If you are logged in as <username> you need to log out and log back in for the group membership to take effect.

Flimm
  • 44,031
Azendale
  • 12,021
26

You can chown, that is change the owner of that folder. This will allow you to change the user and group of the folder, allowing your user to add/remove files on it. To do it, replace yourusername with your name and run:

sudo chown yourusername.users /var/www

And thats it.

However, I preffer to create a virtualhost in my home folder, it's much easier.

Basically it allows you to use any folder as a apache serving folder. To show it how it simple, lets assume that your username is username and that the folder that you want to serve is /home/username/www

Create the following file (for instance mywebprojects) in /etc/apache2/sistes-available replacing the username and the folder path (basically just copy and paste and replace in #CHANGE HERE):

<VirtualHost *:80>
    ServerAdmin webmaster@localhost

    # CHANGE HERE
    DocumentRoot /home/username/www

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>

    # CHANGE HERE
    <Directory /home/username/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog /var/log/apache2/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

Now lets create the www folder, add a simple hello world, disable the default website (/var/www), enable our website mywebprojects and restart apache.

mkdir ~/www 
echo "<html><h1>Hello World</h1></html>" > ~/www/test.html
sudo a2dissite default #
sudo a2ensite mywebprojects
sudo service apache2 restart

And that it, now you dont need to go to /var/www, you simply add files to your www (or other givename) and it's already there :).

Marcos Roriz Junior
  • 4,667
8

Method 1:

  • Press ALT+F2 and enter gksudo nautilus and then click Run.

    alt text

  • It will open nautilus with root previleges.
  • Goto Filesystem var www and now you can add/copy/paste your files.

Method 2:

  • Install nautilus-gksu Install nautilus-gksu
  • After installing type nautilus -q in your terminal to refresh right click menus.
  • Now you will find 'Open as administrator' entry in your nautilus right-click menu.
  • When you need to open any files with root permission, you just have to right-click on that file/folder and select 'Open as Administrator'.

  • It will open that file/folder with root permission.

    alt text

Community
  • 1
karthick87
  • 84,513
6

It could be as simple as sudo usermod -a -G developers $username using ACL.

That takes a little work, though, to start. This is for Ubuntu 10.10 at least. First mount the file systems with the acl option in /etc/fstab.

sudo vim /etc/fstab

UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx / ext4 defaults,acl 0 1

sudo mount -o remount,acl /

Then make a group to which a user may belong for this purpose.

sudo groupadd developers
sudo usermod -a -G developers $username

The user needs to log out and in again to become a member of the developers group.

Of course, do not do this if you have content in the /var/www directory that you want, but just to illustrate setting it up to start:

sudo rm -rf /var/www
sudo mkdir -p /var/www/public
sudo chown -R root:developers /var/www/public
sudo chmod 0775 /var/www/public
sudo chmod g+s /var/www/public
sudo setfacl -d -m u::rwx,g::rwx,o::r-x /var/www/public

Then replace references to "/var/www" with "/var/www/public" in a config file and reload.

sudo vim /etc/apache2/sites-enabled/000-default
sudo /etc/init.d/apache2 reload

If we wanted to restrict delete and rename from all but the user who created the file:

sudo chmod +t /var/www/public

This way, if we want to create directories for frameworks that exist outside the Apache document root or maybe create server-writable directories, it's still easy.

Apache-writable logs directory:

sudo mkdir /var/www/logs
sudo chgrp www-data /var/www/logs
sudo chmod 0770 /var/www/logs

Apache-readable library directory:

sudo mkdir /var/www/lib
sudo chgrp www-data /var/www/logs
sudo chmod 0750 /var/www/logs
1

Although this question is old, the answer needs to be brought up to date.

Let's consider the following :

You state you gave yourself "administrative privileges". And by the accepted answer here user and group www-data now has permissions to write to the directory in question.

Out of the box, when you install a LAMP stack, /var/www directories and files are recursively owned by user and group root:root, unless you have changed the default ownership/permissions. Which in your case is true. To confirm :

cd /var/www && ls -l

The output with default LAMP stack installation :

drwxr-xr-x 2 root root 4096 Sep  1 19:53 html

Above, there is a reason why /var/www and html directories are owned by user and group root:root on a default level, it gives read/executable permissions only to others which includes www-data. This conforms to least privileges security aspect. We wouldn't want an attacker to gain access to the www-data user/group which is the most vulnerable here, with permissions to write a script and takeover the server!

This should help understand the default permissions of the html directory created when apache/nginx was installed :

Owner Group Other
read, write & execute read & execute read & execute
4+2+1=7 4+1=5 4+1=5

What we can do to safely use your_domain directory to transfer directories and files in a graphical interface with the necessary permissions is to :

  1. Assign ownership to the directory in question :

    sudo chown -R $USER:$USER /var/www/your_domain

  2. Now check the permissions of /your_domain :

    cd /var/www && ls -l

  3. From the output here we can clearly see that your_user is owner and group and that others ( www-data ) have read/execute permissions only. Which is a safe way to not compromise the web server and other users directories :

    drwxr-xr-x 2 root root 4096 Sep  1 19:53 html
drwxr-xr-x 2 your_user  your_user  4096 Sep  2 10:49 your_domain

  4. Reload Apache :

    sudo systemctl reload apache2

Once this is done, here is a "simple" way to add files to /var/www/your_domain :

Install vsftpd on your server and FileZilla on the client machine :

  1. You can follow this guide to install and setup both vsftpd and FileZilla.

  2. Just replace the /home/username/ftp/files to suite your needs and substitute where needed username ( in the guide username is sammy ) with your_username.

    Note : You may need to add this entry pasv_enable=Yes to your /etc/vsftpd.conf file for Windows client.

  3. After vsftpd setup is done, we create the directory /home/username/ftp/files/www and mount /var/www/your_domain to this directory.

    1. Create the mount directory :
    mkdir /home/username/ftp/files/www
    1. Edit /etc/fstab to add the mount point :
    /var/www/your_domain /home/username/ftp/files/www none defaults,bind 0 0

    Source : here

  4. Reboot the server.

Now the previous method of creating a permanent mount will work with a minimal image ( i.e. Container ) where it's fstab file indicates UNCONFIGURED FSTAB FOR BASE SYSTEM, this will NOT work with physical servers.

So, if you still insist on FTP a temporary approach would be to bind the directories ( This method cannot survive system reboot ) like so :

sudo mount --bind /var/www/your_domain /home/username/ftp/files/www

Another, and permanent approach, would be to simply use a symbolic link. Keep in mind with this method you would need to choose where Protocol: in FileZilla -> SFTP-SSH File Transfer Protocol. To create the symbolic link we cannot use an absolute path ( i.e. /var/www/your_domain ). We will use the relative path from /home/username/ftp/files/www to /var/www/your_domain. The command would be :

sudo ln -s ../../../../../var/www/your_domain /home/username/ftp/files/www

You will find a guide for SFTP setup here.

And finally here is a simple way to edit files in /var/www/your_domain :

  1. Edit the files on your development machine.

  2. Stop your web server, example : sudo service apache2 stop or sudo service nginx stop.

  3. Add the files with FileZilla with protocols SFTP(symbolic link method) or FTP(mount method).

  4. Restart the web server : sudo service apache2 start or sudo service nginx stop.

kkyucon
  • 86
  • 8
0

Easiest way to do is follow the steps given below:-

  1. Press Alt + Ctrl + T and terminal will open and type sudo -s and login with your password.
  2. Now you're logged in as root.
  3. Now type in nautilus and it will open the home folder for you as root. So now you can easily edit the files and do whatever you want.

Hope this helps. :)

Aditya
  • 13,616
Mitayshh Dhaggai
  • 1
0

/var/www folder is owned by the root.. you have to change the ownership to your own username for modifying files in this folder. For this you can try the following commands..

sudo -i // to change to root console

sudo chown -R <username> <path> // for eg. sudo chown -R scott /var/www/html (scott is the username, -R indicates recrusive)

Now the ownership of the folder /var/www/html will be assigned to the user scott. Now scott can copy/move files in this folder.

Anoop
  • 9
  • 1
-1

If you're using the server version, try webmin. It has a great web UI and file manager. Either that or Filezilla

John Hallquist
  • 1