Problem/Motivation
At install time there are error messages like The directory sites/default/files is not writable for the files directory, translation directory, and settings.php. These messages need more useful information about how to resolve the problem.
Proposed resolution
- Give specific instructions like 'Set the file permissions to 755'. This will not work because different machines will need different instructions depending on if the user/group running the webserver is the same as the user/group that owns the file/directory, and of course different operating systems have different permission systems. Even within Linux some servers will be setup to use ACLs, some will not.
- Let the user know the user/group of the webserver, and the user/group of the file/directory. Link off to the handbook for more info.
Remaining tasks
- Need to add an is_readable() check for the files directory, just like the others.
- Might break out those long t() calls into separate parts like $server_permissions, $file_permissions, $more_help, and then assemble the appropriate bits when necessary.
For follow-up issues
- The following functions might be moved to Drupal\Component\Utility\FileSystem drupal_install_fix_file(), drupal_install_mkdir(), drupal_verify_install_file() as these are all generic. Then it wouldn't be so strange to use drupal_verify_install_file() in system_requirements().
- The files directory has install and runtime checks in system_requirements(), but settings.php has install checks in install_check_requirements() and runtime checks in system_requirements() with some code duplication.
User interface changes
No
API changes
No
How can reproduce the issue:
Install Drupal on a machine where the webserver does not have permissions to create files/directories in the codebase.
Comment | File | Size | Author |
---|---|---|---|
#49 | install-file-permissions-758296-49.patch | 20.62 KB | dalin |
#48 | install-file-permissions-758296-48.patch | 4.96 KB | mgifford |
#29 | install-01.jpg | 72.69 KB | Sahin |
#29 | install-02.jpg | 69.68 KB | Sahin |
#29 | install-04.jpg | 101.09 KB | Sahin |
Comments
Comment #1
David Latapie CreditAttribution: David Latapie commentedUpdate:
sites/default/files
,sites/default/private/files
andsites/default/private/temp
shall have permission75
3
instead of752
. If not, one won't be able to change Garland’s colors.Comment #2
Damien Tournoud CreditAttribution: Damien Tournoud commentedThis basically depends on the operating system. The numeric permissions only make sense in the Unix world, and even there, you are making assumptions about the type of installation (server software, etc.). I'm not really sure we can do better then that here.
Comment #3
davidwatson CreditAttribution: davidwatson commented-1 to the idea of numeric permissions, since as #2 already mentioned, it is OS-dependent. The chorus of "what the blazes does 755 mean?" by the population of new Windows users will be deafening, no doubt. I also like that we're linking to the handbook, which provides a nice compromise.
Marking as Won't Fix, unless there's a compelling reason to change something here. If the handbook is somehow unclear on this, we should probably raise it as its own issue.
Comment #4
David Latapie CreditAttribution: David Latapie commentedI never used a Windows server so the fact that numeric valued were not universal never crossed my mind. What ab out a side note like
? Just a thought.Comment #5
davidwatson CreditAttribution: davidwatson commentedAlthough it helps to triage part of the issue (Windows users not knowing they can't chmod something), there are really two issues at play here: the first being if we're going to explain how to do it for one OS, we really should be doing it for all of them. Personally, I think the handbook is best suited toward this sort of thing, since users can then drill down to the specific issue they're having for their specific stack without bloating the inline help.
The other issue (as #2 mentioned before) is that with all of the possible server setups, saying "just chmod 755 $foo" isn't always the solution, either. Different environments may have their own nuances that we aren't accounting for here - though I haven't encountered any personally, http://drupal.org/node/50280 highlights some weird permissions issues that can arise when using SELinux, for example.
Given the amount of instruction we'll need to provide for introducing permissions while handling specific cases (and that the inline help is already a bit verbose), it seems that referring the user elsewhere for additional help is the best course. Of course, the docs there could probably stand to be tightened up a bit, but that's a whole other issue entirely.
Comment #6
David Latapie CreditAttribution: David Latapie commentedHello,
With all due respect, having to resort to outside help at install time is a surefire way of earning (keeping) a reputation of complexity, exactly what Drupal 7 tries to avoid.
I understand better the scope of the issue now, thank you. On the other hand, isn't Usability about fixing 80 % of the scenarion, not 100%? I believe most people use a standard Linux server (maybe even Ubuntu) and, consequently, this would work for most people. Not all, granted. But most.
Comment #7
davidwatson CreditAttribution: davidwatson commentedI don't disagree with you (re: wanting/needing to improve D7UX), and appreciate the thoughtful response. However, given the intricacies of different server environments, we have to strike a compromise somewhere with respect to which help should be inline, and which help should be external (but directly referenced). Personally, I would argue that it isn't the job of the error message to provide environment-specific documentation, but to specify the problem and offer a solution - which it does as elegantly as it can. Catering to the 80% should not be at the expense of the 20%, or we *will* maintain that perception of complexity among those users - far better to guide everyone to the best of our ability.
Although my -1 remains unchanged for now, I am content to wait for some of the other UX folks to jump in, in hopes that we can reach some sort of consensus.
Comment #8
lostchord CreditAttribution: lostchord commentedFirst up... this is about configuration rather than installation. It can happen multiple times whereas the installation of the software only happens once.
Now on with the show.
D6 currently requires you to do your own thing to create all prerequisite files and directories and then set protections so that it can access them for the site configuration. It then does a pretty poor job of reverting to a 'secure' configuration and telling you 'everything is now taken care of'.
So, on the one hand you want to leave it to the user to unlock everything - because it's too hard to do yourself - and on the other hand you want to try and lock it all up automagically and stuff it up because you don't take into account the environment - factor in SELinux for example.
I have no trouble accepting that coping with multiple operating system environments is very hard. On the other hand I don't see anything particuilarly hard in providing operating system specific scripts which will create and set protections on all required files and directories and, after configuration, lock them all down again. The user is then responsible for choosing the right script to run which, I would humbly suggest, is a little bit more reliable than trying to navigate through the mess of advice on this site.
Organisations that package Drupal and make configuration changes - such as Fedora - would be expected to provide their own scripts.
cheers
Comment #9
davidwatson CreditAttribution: davidwatson commentedIn that case, we would be dependent not only upon end users to manage another configuration setting ("but $distro doesn't appear on that list, is it incompatible?!"), but distributions to find those settings to make our project work, while failing to address the very likely case of someone installing Drupal outside of a packaged environment with its own nuances. Don't get me wrong, I'm all for making life easier for the end user, but to do something even similar to what #8 suggests after we've already hit code freeze is a non-solution. New features like this would have to wait.
Fundamentally, the issue here is this: do we add additional OS-specific help into core to address file permissions during installation, or is what we have (indicating the error, offering a solution, and suggesting additional information) adequate? Or, alternatively, could the existing error message be better stated?
Comment #10
David Latapie CreditAttribution: David Latapie commentedI agree this is certainly too late for D7. What about moving it up to D8?
Comment #11
Damien Tournoud CreditAttribution: Damien Tournoud commentedIt seems clear at this point that there is no way forward with this.
Comment #12
davidwatson CreditAttribution: davidwatson commentedIMHO, the proposal as it stands right now has too many holes in it. It doesn't account for environment-specific nuances, places too heavy a burden on package maintainers, nor does it solve a somewhat recursive problem: for a script to grant permissions, it must have the appropriate permissions, requiring the user to understand permissions enough to assign them in the first place. To the best of my understanding, I get the feeling that any attempts to get around this will result in poor security practice.
If we get something more solid down in the near future, slating it for D8 sounds awesome. Otherwise, in the absence of another solution, we should mark this Won't Fix (or, in retrospect, By Design may be a better fit here).
Comment #13
davidwatson CreditAttribution: davidwatson commentedJumped the gun a bit - leaving this open for comments/solutions for a while longer.
EDIT: My mistake, I thought I inadvertently set it to Won't Fix - didn't see that I was ninja'd! All the same, we should probably leave this open for at least another day or so to make sure we've reached consensus, no?
Comment #14
lostchord CreditAttribution: lostchord commentedTake a step back and have a look at what you are trying to do.
A code freeze seems like a good idea at this point! This is never going to work.
There are two distinct use cases involved here:
The first case is an exception where the initial conditions can be specified by the package maintainer. Configuration of subsequent sites is more complex in that it involves the creation of directories, the copying files, and the adjustment of file ownership and protection before and after executing the configuration script. This assumes that the user preparing the environment has the necessary access and rights to perform these operations. This is an almost universal assumption where application installation and configuration are concerned.
This is what the web server context does not have.
So, as an alternative, what would be the effect of running the script in the context of the user who is supposed to perform the prerequisite setup tasks?
This is still a non-trivial task if a generic procedure is to be crafted but it would seem that this approach is not the dead-end the existing approach is.
cheers
Comment #15
David Latapie CreditAttribution: David Latapie commentedI think that if we can make it work, this will have drastic consequences for a lot related features that I can not envision as of now -- this is more like an intuition. I hope more people will jump in!
Thank you for the time you already spent on it.
Comment #16
davidwatson CreditAttribution: davidwatson commentedI think you may have misunderstood me here - I apologize for any ambiguity on my part. I was referring to the fact that no additional features will be added to D7 at this point. That's not a decision we have the liberty of making, it's simply too late in the development cycle - the code freeze has already happened. Only bug fixes should be addressed at this point, and new features should be queued up for D8 instead.
While the spirit of the solution is definitely there, unfortunately we're now increasing the attack surface of Drupal by giving a pre-packaged means of programmatically changing permissions around at the user level. From a security standpoint, we have to operate under the assumption that the user will forget to remove that script. That, and we're only partially addressing the issue for users who happen to run packaged installs, leaving the greater proportion of users exactly where they (we?) started with this issue in the first place.
I'm confident enough at this point to agree that this is addressed as well as it feasibly can be for D7 (given that we can't go about adding new features at the last minute), but I wouldn't mind seeing an issue opened against D8 to discuss how we can handle file permissions better for the next major release. :]
Comment #17
lostchord CreditAttribution: lostchord commentedI made a cut and-paste mistake in my original extended comment...
Should have read:
I am suggesting that the configuration task is taken right out of Drupal and made a stand-alone administration activity. It cannot be invoked via the browser interface. Since, with the exception of the Default site, some form of command line access is required to setup the environment prior to running the config process - create directories, copy files - then this access can also be used to run the configuration script. The attack surface is not increased since (a) the web server context does not have sufficient access to perform the required actions, and (b) the installation can protect the scripts from the server context in a variety of ways. If you can run the scripts and do any damage then you own the server anyway. If anything the attack surface has shrunk.
In terms of the code freeze...I was being a bit facetious, sorry. My feeling is that the current direction is flawed and that further work is not going to achieve much. A process running in the context of the web server is not going to have the privileges/rights/whatever to perform all the activities required to configure a site.
In terms of #15...yes, if you can get turn-key site configuration to work then you will be really cooking...but this must include full support for multi-site configurations, shared database tables and getting Clean URLs working without any further user intervention. I think you are only scratching the surface at present.
cheers
Comment #18
David_Rothstein CreditAttribution: David_Rothstein commentedI think the last few comments here are not too closely related to the original issue... see #418302: Copy default.settings.php to settings.php during install IFF webserver owns files (FTP on shared hosting) instead, which (the Drupal 8 version of it at least) would potentially allow Drupal to handle many of these file permission changes for the user.
I suggest we keep this issue about documentation. I would agree that the original proposal is "won't fix" since:
However, I think we should leave this open in case there is some other textual improvement that can be made to make things a bit more clear before giving the link to the online handbook - however, I can't really think of anything at the moment.
Comment #19
iantresman CreditAttribution: iantresman commentedIsn't there a simple test for whether you're running under Unix, and provide numeric write permissions accordingly?
Otherwise, a more comprehensive page on write permissions (one click away), that details the permissions for each operating system. Let's not withhold the information for novices, if we know it.
Comment #20
dalinA small improvement that could probably still be made in D7 would be to use posix_getuid() and posix_getpwuid() to at least find out what user needs to be able to write to the given directory. Something like:
...
This would give a bit more help to the 90% of people that install Drupal on *nix.
Comment #21
sepeck CreditAttribution: sepeck commented@ dalin - where is your proof that 90% of people install on *nix? People say things like this but Drupal has been able to be installed on IIS for years and as a result it has been a popular CMS to deploy on Windows servers.
Comment #22
iantresman CreditAttribution: iantresman commentedWe should be helping newbies install Drupal. This means we tell them where there is an error, and suggest a solution. Ideally "Yes" should be in green, and No! should be in red. I would suggest all of the follow, which is clear and informative. eg.
Checking file and directory settings:
If an entry in the table shows "No!", then you must correct the issue. Some solutions are shown below.
Solutions
Details
The solution depends on the server operating system used to host Drupal (usually Windows or Linux/Unix). To make a directory/file writable
Comment #23
sepeck CreditAttribution: sepeck commented@22 - I would suggest removing the (753). If you are going to put in extra information then it would go in the 'Solution Details' you propose. Due to the variety of configurations from hosting providers to self built servers and the few comments already on the Linux page, the actual needed permissions and steps to achieve them are not going to be consistent on all distro's.
Comment #24
dalin@sepeck There is no way to know the exact percentage of *nix vs. windoze for Drupal installs. But my feeling, based purely on subjective things like how many forum posts I've seen about one vs. the other, the Drupal community is heavily weighted to the *nix side.
Regardless it doesn't matter. The fact that for a good-percentage of our users, perhaps a very high percentage, we can be able to tell them what user needs to have write access, and that we can't say 753, or 757 or the like, this little bit of info can help a lot.
I'm also a fan of the table. It's a lot more clear. However this is really looking like a D8 solution.
Comment #25
sepeck CreditAttribution: sepeck commented@dalin, if you are going to make up numbers for your justifications then yes it does matter. Especially as it causes these little disputes in the issue queue when people do make things up. Drupal.org has often proven less then welcoming to people running IIS and as a result we as a community have failed a large share of our potential users with that hostile attitude.
As to whether or not there is majority platform used for Drupal (which we now no longer know) the requirements page clearly states that Drupal will work on Apache and IIS.
Please note that Apache and IIS are listed and tested by members of the community.
The exact combination that arrives at 'write access' and what account that needs to be granted depend on a lot of things far out side the control of Drupal itself. I like the diagram in #22, I do not like the inclusion of the number to which I provided my above feedback(#23). I would add that I think adding local help pages with this information would be more beneficial then linking back here but if we do link back here then we need aliased doc pages.
Oh, it's spelled Windows with an 's', not a 'ze'.
Comment #26
amc CreditAttribution: amc commentedSomething like the table in #22 sounds like a fantastic idea and a usability win for non-technical users (like me). However, it strikes me as something that could be done on the status report page rather than at install time. That way we can check to see if permissions are set correctly and not bother the admin if they are. If they're not, we could simply provide a warning to check the status report like we do for other issues.
Comment #27
Damien Tournoud CreditAttribution: Damien Tournoud commented#22 sounds like a good approach, and will remove the "d'oh, I need to create the directory // refresh // d'oh, I need to make it writable // refresh // oh, good" nightmare.
I agree with #25: both for Windows and Linux, the details on how to make the "writable" happen depends on the particular setup. Don't mention details, and just link to the handbook.
Patches welcome.
Comment #28
jpw1116 CreditAttribution: jpw1116 commentedFrom a semi-newbie's perspective, yes, we need a superior way of addressing required directories and permissions to avert D7 installation and runtime errors.
Already, though, I can see issues with #22.
For instance, what if I'm configuring a multisite with both the primary and the subsite directories named after their domain/TLD and existing independently off sites/? In this case, having sites/default/settings.php may create confusion (instead, I have a separate settings.php in each of the "domain name" directories and only a single copy of default.settings.php within sites/default/).
The subtleties add up fast when configuring even a relatively simple, two-site multisite. Because even then you have more directories to worry about setting permissions on.
My goal would be to see a more robust "installation wizard" in D8 that would account for factors like these, plus a means to migrate an existing domain name (on another "live" site) to a from-scratch Drupal site--if necessary, using a temporary domain on a staging site until that's ready to assume the original domain. This was my real-world scenario and it's been a bear to say the least, getting the impression that D7's installation always assumes a fresh domain name on a brand-new site that is never a multisite.
Comment #29
Sahin CreditAttribution: Sahin commentedConfiguration: IIS on XP Pro, PHP 5.3.1, MySql 5.1.41
Although install script did not give any errors at "Verify requirements" step, only the sites/default/files folder created.
But those are not created:
sites/default/private/files, sites/default/private/temp (or is it sites/default/temp? thread description vs. #1) etc.
settings.php file created and seemes fine too.
After the setup I get "Page not found / The requested page could not be found." (see install-08.jpg)
Defined and commented out "$base_url = 'http://...';" line in sites\default\settings.php as recommended, nothing changed.
I created all the recommended folders manually (although a complete list is not given neither here nor in documentation), grant write permissions to all, nothing changed.
Can create menus and content but could not see them. Can list modules but cannot install.
Should be something related with DRUPAL_ROOT variable.
I will not get into "20-80% discussion" or "let those MS users curse their OS" approach (though I do every single day). No excuse is relevant to deny "Drupal is being developed to be web server independent" declaration.
Comment #30
W.M. CreditAttribution: W.M. commentedDrupal says that a certain folder does exist but that it (Drupal) cannot make it writable. Is there a way to grant Drupal the privilege to make files/folders writable?
Comment #31
davidwatson CreditAttribution: davidwatson commentedSahin, Geir19, welcome! The issue here is for how to update the documentation for file permissions, not for specific support requests related to them. I suggest you have a look at http://drupal.org/node/73179 on how to do that, specifically the section on "Support Requests." Chances are, you'll get a lot more in the way of responses.
Back on topic, #28 raises some interesting points regarding multisite. Without getting into revisiting the entire installer UX (which is entirely valid, but beyond the scope of this issue), wouldn't it be possible to just dynamically extend the table in #22 to account for and include multisite files and directories?
Comment #32
davidwatson CreditAttribution: davidwatson commentedSahin, Geir19, welcome! The issue here is for how to update the documentation for file permissions, not for specific support requests related to them. I suggest you have a look at http://drupal.org/node/73179 on how to do that, specifically the section on "Support Requests." Chances are, you'll get a lot more in the way of responses.
Back on topic, #28 raises some interesting points regarding multisite. Without getting into revisiting the entire installer UX (which is entirely valid, but beyond the scope of this issue), wouldn't it be possible to just dynamically extend the table in #22 to account for and include multisite files and directories?
Comment #33
davidwatson CreditAttribution: davidwatson commentedAlso, as others have said, this is clearly 8.x territory we're in. :]
Comment #34
lostchord CreditAttribution: lostchord commentedAnd the Drupal site configuration script is going to CREATE these multisite files and directories?
I go back to my comments in #14 and #17. If you are configuring outside of /default then you have to create files and directories from scratch and this needs access over and above that available in the web server context (one would hope!). Distributions such as Drupal for Fedora manage to place files in a variety of areas in the file system, Drupal still works fine. Placing a configuration script outside of the reach of the web server should not be a problem, I use one to create directories and set permissions (including SElinux permissions) for multisite installations as a matter of course.
If the concept of an external script is followed further then wierdness such as this (http://drupal.org/node/791004) would be a thing of the past.
cheers
Comment #35
amc CreditAttribution: amc commentedPer #33.
Comment #36
davidwatson CreditAttribution: davidwatson commented#34 - I'm not sure I follow. If you're referring to a configuration script as a solution, as #18 mentioned, the current issue is just about the documentation. For the sake of keeping things tidy here, we could always create a new issue to discuss.
I like the approach of #22, and while keeping in mind that we'll have to extend it for multisite setups, there are a few tweaks we could make:
* "Click here" is a UX antipattern. Links should be clearly labeled, and in their appropriate context wherever possible.
* Not sure the exclamation point is necessary (emotional response: "Why is Drupal yelling at me?"), though I agree with the use of color
* Redundancies such as "(shown as No! in the table)" and tangents like "(usually Windows or Linux/Unix)" could probably be removed to improve clarity
* As per #23, we should probably avoid anything OS/distro-specific until we start referring to handbooks
* Using passive voice for changes that have to be made tends to place the emphasis on informing the user about what needs to change, rather than implying fault for some misconfiguration
* Solutions should probably be shown conditionally, only if there's an issue
* Solutions and details could probably be merged and reworded for clarity
So with the table in #22, maybe something like:
Thoughts?
Comment #37
dalinOne thing that makes things a bit more complicated is that the file has to specifically be writable by the web-server (possibly, but not likely to be the same user that you browse the files with) . We can also let them know which user is running the webserver (by looking at the $_SERVER variable). Also one of the challenges is that we don't want to give advice that would cause security issues (i.e. change the permissions to 777). Though simply being on shared hosting is a security issue since any other website on the machine can write to your sites/default/files directory (not sure if we need/should be stating this either).
Comment #38
davidwatson CreditAttribution: davidwatson commented#37 - All of these issues should be addressed by the handbook pages linked to in my (and #22's) example above. :]
Comment #39
lostchord CreditAttribution: lostchord commentedTwo points:
So if you want to fix this in the documentation:
You also need to consider the post configuration position where the conditions that need to be satisfied to perform the configuration are no longer sensible. Do you really want settings.php to still be writeable?
Comment #40
davidwatson CreditAttribution: davidwatson commentedAgree with the first point, though a file not existing and not having permissions to access a file that does exist are in fact entirely different and distinguishable from each other. There's no need to make the user guess if we can tell the difference ourselves.
We've already addressed the need for the first point here. The second and third are already addressed by linking to the handbook pages at the end of the examples I mentioned.
Drupal already informs the user post-installation if your file permissions are off.
EDIT: Realizing that the fact that we're referencing the installation guide could be made more explicit. Perhaps instead, something like this?
Comment #41
lostchord CreditAttribution: lostchord commentedTotally agree. Just don't under estimate the challenges involved in determining the root cause of an access issue when you are running in the context of a (hopefully) non-privileged user. The fact that the user may be able to operate in a different context - and hence have a different view of the world - can also be a source of confusion. Here are a few scenarios:
If updating a file also requires creating a new copy of the file then there additional consideration at the containing folder level, i.e. you may need write access to that as well.
And don't forget folder permissions as well, all of them, from the root of the file system down if you really want to get it right. It is possible to logically manipulate a file without having access to it if you can manipulate the directory structure.
Comment #42
davidwatson CreditAttribution: davidwatson commentedFor sure. It looks like those situations are already addressed in the handbook, though; if not, they should be.
Yep, we're already checking folder permissions within the Drupal instance. I'm not sure Drupal should be responsible for checking any further than where it is installed, however.
Any other suggestions for the content of what we'll be saying? If this looks good to everyone, I think we can start writing patches.
Comment #43
Owen Barton CreditAttribution: Owen Barton commentedComment #44
mgiffordSo can this still be addressed in D8? Would be a real shame if it had to get bumped again.
What can we agree on that would be a small step ahead on this issue?
Comment #45
dalinI think we can do something like this by using the
posix_*()
functions (though not quite so verbose):Or
There doesn't appear to be to be a Window's equivalent to the
posix_*()
functions.Comment #46
mgifford@dalin any other thoughts about how to pull out that info?
I haven't used PHP's posix functions before.. We'd need to add in php-process though right? Or is that included in 5.4?
http://www.php.net/manual/en/function.posix-geteuid.php
http://www.php.net/manual/en/function.posix-getpgrp.php
I'm not sure if we could use getenv('APACHE_RUN_USER') to find what we need.... However we could at least send them to some help links.
Comment #47
dalinNot sure what you mean.
I was thinking something along the lines of this (we shouldn't be trying to detect any specific OS):
Comment #48
mgiffordposix isn't installed in 5.4 by default yet. That's all I meant.
In #45 you had a Windows/Linux target messages. I was just thinking about that. We can just make it general and not include specific chmod/chown/chgrp calls to fix file permissions.
Here's a patch that works with the code you provided above. I think this was inline with what you were proposing. Feel free to revise it.
Comment #49
dalinposix has been a part of PHP core since PHP4. But some *AMP packages go out of their way to remove it.
I did some more work on this to try and make the messaging in these three places (translations directory, files directory, settings file) more consistent.
Some follow-up questions/tasks:
- Need to add an is_readable() check for the files directory, just like the others.
- Might break out those long t() calls into separate parts like $server_permissions, $file_permissions, $more_help, and then assemble the appropriate bits when necessary.
- The following functions might be moved to Drupal\Component\Utility\FileSystem drupal_install_fix_file(), drupal_install_mkdir(), drupal_verify_install_file() as these are all generic. Then it wouldn't be so strange to use drupal_verify_install_file() in system_requirements().
- The files directory has install and runtime checks in system_requirements(), but settings.php has install checks in install_check_requirements() and runtime checks in system_requirements() with some code duplication.
Comment #50
dalinComment #51
dalinComment #59
prlw1 CreditAttribution: prlw1 commentedCase in point: I see on https://www.drupal.org/node/244924
I am not sure what "greg-user" is doing - manually unzipping modules in the directory he owns?
I just untarred file_permissions-7.x-1.0.tar.gz to try to find out what you think the setup should be.
Please could someone who understands what is meant to happen please update the documentation for us mere mortals?
Comment #61
prlw1 CreditAttribution: prlw1 commentedAnother case: when an update is available for a module, what permissions should modules' files have so that clicking on "update" works.