Am I doing this right? [remote development]

I’m trying to setup remote access for my test production suite7 instance. For now I am simply changing the theme color pallet to keep it simple.

  • Site docroot is /var/www/html/
  • /var/www/ is owned by root:root
  • /var/www/html/ owned by www-data:www-data
  • Created nologin user ‘sftpuser’ with homedir /var/www/
  • PHP Storm has ssh/sftp access and downloaded the files to local

I edit scss and compile locally, then am unable to upload and overwrite. Since all suite7 file are owned by www-data:www-data i put sftpuser into group www-data thinking it would help. but (at least) the theme files only have read access for www-data. Since I added sftpuser to www-data can I just recursively set all suite7 files to have read/write access?

something like: sudo -u www-data chmod -R g+rw ?

I saw on some stack exchange someone answered saying to make www-data able to login then just ssh/sftp in with that…

Compatibility for v7.x

  sudo chown -R www-data:www-data .
  sudo chmod -R 755 .
  sudo chmod -R 775 cache custom modules themes data upload
  sudo chmod 775 config_override.php 2>/dev/null

Yes I did this for the installation but it doesn’t address my issuue. 755 is rwx|r-x|r-x so group doesn’t have write so adding my sftpuser to the www-data group would do not help. Should I be ssh/sftp into the /var/www/html/ as www-data? that would mean I need to alter it and give it login abilities.

No, you can use any user to ssh into your system. Then go to /var/www/html/ folder.

In Ubuntu, you can use the command sudo su and enter credentials for the root user.

To SSH into your system from Windows systems, you can download PuTTy or BitWise ssh client application.

You need to run these commands when you’re at /var/www/html/suitecrm/ folder.

Also, you need to clear your question for us. You could take screenshots are share them here.

See here

I also do things like you, by adding my personal user to www-data group.

There might be other factors influencing things:

  • .htaccess limitaitons
  • selinux restrictions
  • problems with SetUID or SetGID bits, causing new directories to be created with inferior permissions

Modifying file permissions for SuiteCRM requires caution, but your approach is generally correct. Adding the sftpuser to the www-data group and adjusting permissions accordingly is a common method to allow proper file access. Here’s a step-by-step guide:

  1. Add sftpuser to the www-data Group: sudo usermod -aG www-data sftpuser

  2. Ensure Proper Group Ownership: Make sure all files and directories have the proper group ownership (www-data in this case).
    sudo chown -R www-data:www-data /var/www/html

  3. Grant Read and Write Access: Grant read and write permissions to the www-data group. Be cautious when recursively changing permissions, especially on production systems.
    sudo chmod -R g+rw /var/www/html

  4. Verify Permissions: ls -la /var/www/html
    Verify that files and directories are owned by www-data and have the appropriate read and write permissions.

  5. SSH/SFTP with sftpuser: You should now be able to use SSH or SFTP with the sftpuser to upload and overwrite files in the /var/www/html directory.