[Question] File Access

Bloodshot_pico · 24 April 2021 17:29

Hey, so I recently installed Nginx on my machine, to basically let me have a mess around with some web dev in my free time.

However I’m still in the learning process of getting used to Linux too, so I’m trying to get files copied and pasted into the directory “usr/share/nginx/html” and its saying I don’t have the permission.

I’m trying to do this via pcmanfm and not terminal since I have no idea how to do it any of the two ways honestly. Also I’m wondering if there is a way for me to stop needing a password every time I edit one of these files to save them?

Or is it best to keep the password for these files? I’m honestly not sure as I’m still new to this.

Any help would be greatly appreciated.
Thanks
~Blood

Aragorn · 24 April 2021 17:42

The /usr hierarchy is only writable to the root user, not to unprivileged user accounts. If you don’t know what you’re doing, then it’s best to never touch that directory hierarchy anyway. User-owned files should always go under /home, and more specifically, under the user’s own home directory.

For all intents and purposes ─ and especially if you’re a newbie ─ the only thing that should be allowed to write anything under /usr is your package manager.

In theory, the answer would be “yes”, but it requires tinkering with the authentication system, and quite frankly, if you need to ask, then you’re the wrong kind of person to want to do this. As the matter of fact nobody should be doing that, because UNIX systems are designed to be secure multiuser systems, which is why authentication is important.

And even if your argument were “But I’m the only one using this machine”, then you are overlooking the fact that your machine is connected to the internet, which means that it is exposed to a potentially hazardous environment. And if your machine gets compromised, then it becomes a liability to everyone else on the internet as well, because then your machine will be used for hacking, conducting DDoS attacks, sending out spam, and so on.

pobrn · 24 April 2021 17:46

You’d probably be better off if you used a different configuration for nginx and ran nginx under your user with its www root being in your home directory. That way you wouldn’t need to worry about system directory, authentication, etc.

Bloodshot_pico · 24 April 2021 17:47

So what I’m getting from this is that it’s best that I keep the authentication passwords because I’m smooth brain with Linux and it’s fundementals.

Also I remember seeing I can change the home directory of nginx, so assuming I move it outside the region of the /usr directory and then I don’t have to worry about the password every time I’m trying to access this stuff etc?

Aragorn · 24 April 2021 17:51

Yes, that is correct. If you’re only going to be using nginx as a local web server for testing your web apps, then its home should be put under your user account’s home directory. If on the other hand you intend to make your web pages publicly accessible while running on your own computer ─ i.e. if you intend to use your computer as a publicly accessible web server ─ then you should put them under /srv/www.

pobrn · 24 April 2021 18:07

To set up nginx to run as non-root, you can do the following:

# create a directory where you want to store things
# cd into it
mkdir www
mkdir other

then create nginx.conf in that directory:

worker_processes 1;
daemon off;
error_log stderr;
pid nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    access_log access.log;
    client_body_temp_path other/client-body-temp;
    fastcgi_temp_path other/fastcgi-temp;
    proxy_temp_path other/proxy-temp;
    scgi_temp_path other/scgi-temp;
    uwsgi_temp_path other/uwsgi-temp;

    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       localhost:8080;
        server_name  localhost;

        location / {
            root   www;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    }
}

then you can run nginx from that directory:

nginx -c nginx.conf -p "$PWD"

.
Then you can put your files you want to serve into the www directory. This is quite a bare-bones configuration - I adapted it from the default config file from the nginx package -, but should be enough to get you up and running.

The server is reachable on http://localhost:8080.

Bloodshot_pico · 24 April 2021 18:13

I’ll have to give this a look in the morning as right now it’s way too late for me to actually be getting into this, and I need to figure out if I have a different root password or not since it’s been a good 8 months since I installed Linux on my other machine.

However I’ll most likely be coming back here and seeking help again with more of this since well you only learn by trying and asking. But yeah I’m pretty sure I’ve misplaced my root user and password. :’)

Either way I’m gonna give this all a go in the morning, thanks for all the help. I can’t wait to get actually started with CSS, JScript and HTML etc.

~Blood

pobrn · 24 April 2021 18:17

Actually, even Python’s built-in webserver could be enough for that:

cd my-www-root
python -m http.server 8080 -b localhost

and then you can visit the site on http://localhost:8080.

Bloodshot_pico · 25 April 2021 03:57

What do you mean sorry? I don’t need Nginx at all is what you’re implying?

I’m not the only one I want working on the website itself, it’s more of a test environment for me and a friend of mine so I’ll have to figure out what you’ve said above, being trying to get the website into srv/www

I took a look last night and well it says I don’t have access to make a folder in there so I’m assuming it’s going to ask me for a password or something every time I try editing files within there too correct?

Thanks again.
~Blood

pobrn · 25 April 2021 12:05

Yes, that’s what I’m implying.

Are you working on the same machine? If not, then it’s mostly irrelevant.

Yes, that’s why I suggest avoiding system directories and put everything under your home folder where you have sufficient privileges to do anything.

Bloodshot_pico · 25 April 2021 15:08

Ah I see, I had a friend help me setup a bunch of the SFTP and some other stuff like the SSH etc. Whilst also doing some of the basic security stuff like using different ports etc.

Going to look into doing the whole SSH keys and what not when I can find the time.

Also most likely going to be doing what you said about having Nginx under a different user, like a web developer user entirely, only problem that’s stopped me from doing that right now is allowing that user certain permissions etc.

I’ve never done it on Linux and wouldn’t really know where to begin with that, this friend of mine said he’s going to help me tomorrow since our time zones are very different and we both have different sleeping patterns. However he said this will probably be the hardest part out of all of it since I’m still new.

Also we will be working on the same machine, I’m just allowing a friend to have access so we can work and test stuff together, along with him fixing certain things for me since he has a better understanding.

Thanks again for all the help so far though.
~Blood

system · 10 May 2021 15:08

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.