Write Privileges - localhost - Mac OSX

Asked 7/11, 2011 at 11:38 Answered 9/9, 2019 at 11:46

Solved php macos apache localhost privileges

I'm new to the mac world and have just been setting up my webserver. I used the following guide: https://alan.ivey.dev/posts/2011/os-x-10.7-lion-development-native-mamp-with-mysql-installer/

I've transferred my sites and databases and everything is going pretty well. The only problem I have is with the writing permissions. For example there is a config file that needs to be written to, and I had to right click, go to Get Info then enable read & write for staff and everyone.

I can't manually go through and enable these write privileges for every file/folder. I didn't need to do this using WAMP and made development much quicker.

So wondering about 2 possible solutions: a) add my user account to a whitelist for the localhost so that 644 privileges are sufficient b) set the write privileges recursively

Lippi answered 7/11, 2011 at 11:38 Comment(0)

I found the best solution was to change the apache user and group settings. The instructions can be found at: http://paulmason.name/item/change-apache-user-group-in-lion-os-x

Open Terminal and Enter

sudo nano /private/etc/apache2/httpd.conf

Find and change http.conf code from
```
User _www
Group _www
```
To
```
User your_mac_username
Group staff
```
Note: With earlier versions such as Leopard, capitalize staff to Staff. You can get your username and group by typing "id" and hitting enter in terminal
Restart Apache
```
sudo apachectl restart
```

Lippi answered 8/3, 2012 at 21:44 Comment(5)

Easiest solution! Both the user and apache get write/read permissions without changing the permissions ;-) – Aldon 1/2, 2016 at 11:50

why it's ]so important to put the the Group as staff ? I work on linux and on mac, on linux the group is the username but on mac I had to out staff to make it work otherwise Apache won't start. – Gaven 23/3, 2016 at 19:11

Upgrading to macOS Sierra overwrote my User and Group values in httpd.conf to _www and _www. Your answer helped me resolve the permission issue I was encountering by setting the owner of the directory in question to the User and Group of these new values. – Hellenism 31/10, 2016 at 18:16

Worked great. Note to others: each update resets this. – Navaho 10/2, 2018 at 19:37

Worked! Thank you. – Salomesalomi 23/8, 2018 at 23:6

I'm the author of the mentioned blog post. For web server file permissions, you'll want to give write access to the _www user for files. For config.inc.php, you would set it a couple ways:

Have _www own the file and have write permissions:

$ sudo chown _www config.inc.php
$ chmod u+w config.inc.php

Have your user own the file, change the group to _www, and give group write permissions:

$ sudo chgrp _www config.inc.php
$ chmod g+w config.inc.php

Or, if you feel comfortable allowing all users to write, which I would not recommend for security reasons, give all users the ability to write:

$ chmod a+w config.inc.php

If an entire folder needs to be written by the _www user, it can own the folder and all files:

$ sudo chown -R _www:_www folder/

or you can give the folder write and execute permissions by all:

$ chmod a+wx folder/

The reason why chmod 774 gave you forbidden errors was because the _www user fell under the '4' permission, which is 'read-only.' For directories, a user needs 'execute' in order to traverse into the folder. chmod 775 would allow user and group to rwx, and others to r-x. Here's more information on Unix file permissions.

Also, your user could retain full ownership and add certain permissions for the _www user instead of changing the level of access for ALL users by using Access Control Lists.

$ sudo chmod -R +a '_www allow read,write,delete,add_file,add_subdirectory,file_inherit,directory_inherit' folder
$ sudo chmod +a '_www allow read,write' config.inc.php

If you're going to go the route of ACLs, I'd suggest doing some more reading to see what levels of access you really need to provide. Here is a great place to start.

Sigman answered 7/11, 2011 at 13:30 Comment(2)

Thanks for all the help so far. Just wondering why I would change the owner of config.inc.php and where can I find it? – Lippi 18/11, 2011 at 3:22

@alanthing Couldn't it be risky to grant permissions to apache to write (any?) files on your machine? – Cowardice 29/9, 2014 at 12:54

I'm running Apache on OSX and this fixed it for me:

sudo chown -R _www:_www <mywebfolder>
sudo chmod -R 775 <mywebfolder>

Update #1:

Syntax: sudo chown <user>:<group> <file-or-folder>. The Apache user on OSX is _www.

To keep ownership but give Apache r-w-x permissions:

sudo chown -R <your-username>:_www <mywebfolder>
sudo chmod -R 775 <mywebfolder>

Update #2:

I like this method best. Set Apache to run as you.

In terminal type id to get uid=123(Myname).

Open /etc/apache2/httpd.conf and edit it to use your username.

<IfModule unixd_module>
   User Myname
   Group staff
</IfModule>

Back to terminal: sudo apachectl restart

Glynda answered 21/8, 2014 at 19:17 Comment(1)

this caused mamp to stop for me. Not found a fix yet but its messy. – Sextodecimo 26/4, 2018 at 15:59

I recommend settings the Write privileges recursively for your web root.

You can do this via the console / terminal using chmod -R 774 /my/web/root. For me, the owner and group is set to: www-data:myUserName, which can be set by using chown. Don't forget to check who's your web user first.

Edit: For better understanding, why you don't have access:

Chmod 774, each number stands for specific rights: user, group, others. If the user is set to www-data and the group to www-data (most users on a Unix system are in a group that's named by their username). So, if you're not in the group www-data you either have to join it, or you have to change owner (chown) or you have to change the permissions (chmod). There are several tutorials out there, for more information.

Gentilism answered 7/11, 2011 at 11:44 Comment(2)

I just tried chmod -R 774 for one of my sites and it made the whole site forbidden until I used chmod -R 777 which doesn't seem right. Any ideas? Also I don't know how to check who my web user is, can you please explain? – Lippi 7/11, 2011 at 12:14

You also have to check the owner of a file (user ls -l for this). Mostly the folders are set to www-data:www-data. Which means, you're not mentioned and you don't have access until you use chmod 777. The last 7 stands for "others". Just set the owner as I mentioned in my answer. I'll edit my answer to explain it a bit more. – Gentilism 7/11, 2011 at 12:18

Above solutions didn't work for me. What I did was :

Right click the folder -> Get Info

There is a priviledge setting at the very bottom.

Change it to Read & Write for Everyone.

Hambley answered 9/9, 2019 at 11:46 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags