Setting file permissions in Drupal is an important aspect of the setup process when building a Drupal based website. One of the first requirements you will come accross is the setup of the database and its password. This requires the 'settings.php' file to be writeable by Drupal during the first run of the install script 'install.php'.
This process enables the content management system ("CMS") to input the MYSQL database name and password into the settings.php file for future access to the database.
Before this is done you will need to make the 'settings.php' file writeable, and change it back after setup is complete. To do this, you need to know a bit about permissions.
There are a variety of ways to set permissions on system files and folders, some are only available if you have access to the server such as on a Virtual Private Server ("VPS"). This blog tutorial will concentrate on setting permissions from the server side.
For those on shared hosting, we will explain in another blog post how to set permissions using an FTP client, such as Filezilla for example. For a VPS there are a couple of ways to set permissions. However, by far the easiest to understand is the numerical permissions representation. This is the way we set permissions here at Knooq . This method is Linux specific rather than specific to Drupal, so you may use it to set permissions for other files and folders on your Linux Server or Linux Desktop.
This permissioning system equates the privileges of 'Read' (r), 'Write' (w) and 'Execute' (x) with the numbers 4, 2 and 1 respectively. So we have a small numerical permissions matrix as follows:
|Read (r)||Write (w)||Execute (x)||Total|
You can probably guess from the table above, that the 'User' is the current user where drupal is installed, i.e. the current Linux user. The group relates to the Linux group which, for server setup is normally 'www-data'. 'Others' is what it suggests, those outside of 'User' and 'Group', so you should be careful with this setting, as it is the one likely to cause a lack of protection to your website and drupal folders. In general, it's a bad idea to allocate the number 7 permission to 'Others' unless absolutely necessary, and you shouldn't need to do so when designing a website in any event. The exception is on a temporary basis for drupal installation.
Normally, the default installation of Drupal has the permissions for the 'default.settings.php' file set as 644 which can be seen represented in the matrix as follows:
|Read (r)||Write (w)||Execute (x)||Total|
To setup drupal you need to copy 'default.settings.php' to 'settings.php' using the following commands on your linux VPS:
cp default.settings.php settings.php
Then you can change the permissions to make the file writeable by the drupal installer as follows:
chmod 777 settings.php
Now when you run the 'install.php' script Drupal will be able to write to the file. This setup takes just a few minutes and as this is an important file, you should change the permissions back straightaway.
To change back, just repeat the command with the new permissions, as follows:
chmod 440 settings.php
The generally recommended permissions settings for various drupal files and directories are as follows:
|drupal/sites/default/files (including sub folders & files)||755 or 770 *|
|drupal/sites/default/settings.php||400 or 440 *|
|drupal/sites/default/default.settings.php||400 or 440 *|
|drupal/sites/all/themes (including sub folders & files)||755|
|drupal/sites/all/modules (including sub folders & files)||755|
* depends on system setup. Some extra modules and/or server rules may require different permissions.
Go to '/admin/reports/status' where it will tell you whether the system is set up properly, and whether 'settings.php' is protected or not.
To set the permissions for a folder, its sub-folders and files you can use the following command:
chmod -R 440 myfolder (or another numerical permissions value that you require)
However be careful with this, as you should know what permissions the files inside the folder need. As seen above, the 'settings.php' file is inside the 'drupal/sites/default' folder but it has more restrictive permissions than its parent folder.
Dealing with permissions is one of the areas that can lead to a lot of problems so make sure you are certain as to the effect of any changes.
Along with changing file permissions, there is sometimes the need to change the ownership of certain files and folders. We've put together another blog tutorial covering common aspects of changing file and folder ownership in Drupal and Linux.