Hi,
Just installed last Hestia version. I’m installing WordPress on Nginx, MariaDB and PHP stack.
Created a dedicated user to manage WordPress. Gave him bash shell in order to use WP-CLI.
The problem comes out when I try to create any file on its home directory: “Permission denied”…
With previous Hestia version I never had this problem… something changed in this last version?
Thanks for any help!
Best regards,
Roberto
Home directory has owner set to root due the chroot.
Any sub dir is should work without an issue
Hi,
Here you can see directory ownership and permissions:
drwxr-xr-x+ 11 root root 4.0K Sep 16 09:51 user
drwxr-xr-x 5 roberto roberto 4.0K Sep 16 09:50 roberto
The first user was created using HestiaCP and the second one manually using shell…
User directory shouldn’t be owned by user?
Due to the sftp chroot implementation, it needs to be owned by root. There are already a few default folders created, like .composer or .cache and so on.
What should I do then to use WP-CLI with this user?
WP-CLI installs WP in this directory and modifies several files…
Should I add this user to the sudo group to solve this issue?
Why? Give the user bash shell under edit user, the wp cli script itself can be run inside of the public_html directory.
wp core download
Downloading WordPress 5.5.1 (en_US)...
**Warning:** Failed to create directory '/home/{user}/.wp-cli/cache/': mkdir(): Permission denied.
md5 hash verified: 72c6f56b4818ffd0e6e6a4ed8f3e8d4e
**Success:** WordPress downloaded.
I suggest creating .wp-cli for the user as root and chown it…
Or /usr/local/hestia/data/packages/
create package.sh (package.sh with name of package)
#!/bin/bash
mkdir /home/$1/.wp-cli
chown $1:$1 /home/$1/.wp-cliOr just enable WP-CLI for root and use it anywhere on any site anytime. But after adding plugins/themes or any file operations you need to chown -R <hestiauser>:<hestiauser> xxx/public_html to reset permissions for the particular WP file to its user.
You can setup an alias like this in . ~/.bashrc
alias wp='wp --allow-root'
Please take care, there has been a permission change to prevent nginx errors in log files, the current permission set is user:www-data for public_html and user:user for every file in it. If you set the chown as described, the permission for public_html will aswell be set to user:user.