Magento 2 has a nasty habit of resetting file permissions to match whatever is the correct setting on the system they run in development. These commands allow you to change the permissions. Note: NOT RECOMMENDED. See Magento File ACL's instead!!! The following list of commands will work, for a while...
- find . -type f -exec chmod 644 {} \;
- find . -type d -exec chmod 755 {} \;
- find ./var -type d -exec chmod 777 {} \;
- find ./pub/media -type d -exec chmod 777 {} \;
- find ./pub/static -type d -exec chmod 777 {} \;
- chmod 777 ./app/etc
- chmod 644 ./app/etc/*.xml
or perhaps run: find . -type d -exec chmod 770 {} \; && find . -type f -exec chmod 660 {} \; && chmod u+x bin/magento
A better way to do that is[not correct yet!]
- find . -type f -exec chmod 600 {} \;
- find . -type d -exec chmod 700 {} \;
- find . -type f -exec chmod g+r {} \;
- find . -type f -exec chmod o+r {} \;
- find . -type d -exec chmod g+rx {} \;
- find . -type d -exec chmod o+rx {} \;
- find ./var -type d -exec chmod g+rwx {} \;
- find ./pub/media -type d -exec chmod g+rwx {} \;
- find ./pub/static -type d -exec chmod o+rx {} \;
In english:
- Set the permissions on all files so that the owner can read and write to them and no one else can access them
- Set the permissions on all directories so that the owner can read, write, and SEARCH them and no one else can access them
- For all files, allow users in the same group to read them
- For all files, allow everyone else to read them
- For all directories, allow users in the same group to read and search them
- For all directories, allow everyone else to read and search them
- For the var directory and all subdirectories, give users in the same group read, write, and search access
- For all directories in pub/media give users in the same group read, write, and search access
- For all directories in pub/static give all users read access and search access
Notes:
X for directories is what allows a user to run commands such as:
cd pub/media and ls pub/media
Using the identifier+perms syntax [g+rwx] allows us to be additive rather then destructive. IE chmod 770 will set the permissions for everyone/world/other to 0 or none. If there was some directory where this was incorrect you just broke something. By being additive, you avoid this issue. In general you should almost never have to run the first 2 commands, just start at 3 and work down.
Comments