[wp-trac] [WordPress Trac] #36936: Plugin update does not works via web with proper filesystem permissions.
WordPress Trac
noreply at wordpress.org
Tue May 24 21:09:32 UTC 2016
#36936: Plugin update does not works via web with proper filesystem permissions.
----------------------------+-----------------------------
Reporter: brudas | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Filesystem API | Version: 4.5.2
Severity: normal | Keywords:
Focuses: |
----------------------------+-----------------------------
Hello all,
I run Wordpress 4.5.2 on Ext4 file system with POSIX ACL.
Web server is Nginx, PHP runs as FPM daemon. Both under www-data user and
group (for now).
When I try to update some plugin, Wordpress ask me to enter FTP
credentials instead of doing update.
All output below was gathered under '''www-data''' account (PHP-FPM runs
under it).
Here is my file system permissions:
'''Document root:'''
{{{
$ getfacl /var/www/html/
getfacl: Removing leading '/' from absolute path names
# file: var/www/html/
# owner: root
# group: root
user::rwx
user:www-data:r-x
group::---
group:SA:rwx
group:webdesigner:rwx
mask::rwx
other::---
default:user::rwx
default:user:www-data:r-x
default:group::---
default:group:SA:rwx
default:group:webdesigner:rwx
default:mask::rwx
default:other::---
}}}
'''wp-content'''
{{{
$ getfacl /var/www/html/wp-content/
getfacl: Removing leading '/' from absolute path names
# file: var/www/html/wp-content/
# owner: root
# group: root
user::rwx
user:www-data:rwx
group::---
group:SA:rwx
group:webdesigner:rwx
mask::rwx
other::---
default:user::rwx
default:user:www-data:rwx
default:group::---
default:group:SA:rwx
default:group:webdesigner:rwx
default:mask::rwx
default:other::---
}}}
'''Plugins'''
{{{
$ getfacl /var/www/html/wp-content/plugins/
getfacl: Removing leading '/' from absolute path names
# file: var/www/html/wp-content/plugins/
# owner: root
# group: root
user::rwx
user:www-data:rwx
group::---
group:SA:rwx
group:webdesigner:rwx
mask::rwx
other::---
default:user::rwx
default:user:www-data:rwx
default:group::---
default:group:SA:rwx
default:group:webdesigner:rwx
default:mask::rwx
default:other::---
}}}
'''Plugin to be updated:'''
{{{
$ getfacl /var/www/html/wp-content/plugins/postmatic/
getfacl: Removing leading '/' from absolute path names
# file: var/www/html/wp-content/plugins/postmatic/
# owner: root
# group: root
user::rwx
user:www-data:rwx
group::---
group:SA:rwx
group:webdesigner:rwx
mask::rwx
other::---
default:user::rwx
default:user:www-data:rwx
default:group::---
default:group:SA:rwx
default:group:webdesigner:rwx
default:mask::rwx
default:other::---
}}}
Despite user www-data is explicitly granted to have write permissions to
all required directories, Wordpress fails to start upgrade from web and
asks for FTP credentials.
I believe PHP works well enough with POSIX ACL, here is simply proof
script:
{{{
$ php -r 'if (posix_access( "/var/www/html/wp-content/", POSIX_R_OK |
POSIX_W_OK)) {
echo "The file is readable and writable!\n";
} else {
$error = posix_get_last_error();
echo "Error $error: " . posix_strerror($error);
}'
The file is readable and writable!
}}}
If there are some reason to keep current filesystem permission check
method intact - please, issue spcecial technical note regarding required
permissions and how does Wordpress checking it.
System information:
{{{
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.4 LTS
Release: 14.04
Codename: trusty
$ php -v
PHP 5.5.9-1ubuntu4.16 (cli) (built: Apr 20 2016 14:31:27)
}}}
There are no SuPHP, Suhosin or any suspicious extensions.
This issue could be related to
[https://core.trac.wordpress.org/ticket/34327]
Thank you.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36936>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list