I have some web service + some shell scripts which I want to execute with cron.
The problem is with the tmp directory.
- To make webservice work I had to run command
sudo chown -R www-data:www-data app/tmp(www-data is group and user used by apache) - The problem is that then when I execute CakeShell with some user I get lots of errors telling that some files in app/tmp dir are not writable – this is because tmp dir is owned by www-data…
- I can run those scripts with root user – then I don’t get any errors…
- When I run scripts with root user, from time to time those scripts modify some files in app/tmp and then I got many errors on webservice (website) that some files in app/tmp are not writable. It seems that runing scripts sometimes modifies tmp files with permissions of user executing those scripts.
- I want to execute those scripts from cron.
And my questions are:
- What is correct setup for app/tmp dir (permissions, user, group etc) and how I can set it up to get both webservice and executing scripts from shell working?
- Is it possible to set up permissions to app/tmp dir to allow writing and reading it for all users and groups? Is it good idea?
If you do not use a shared webserver, you can use a permissive ownership:
chmod -R 777 app/tmpIf you own the server/VPS, it’s not a security hole, since the more sensible user (www-data) already have access.
OR
You can run the crontab “in name of”
www-datauser, using the commandsu