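ec2-user does not have permission to write to the web folder

I created an Apache web server using CFT; this is using RHEL 7. To allow ec2-user to modify files in the Apache document root folder, I added the following to the CFT (excerpt from /var/log/cloud-init.log):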
Jun 30 16:11:15 ip-10-205-0-135 cloud-init: groupadd www
Jun 30 16:11:16 ip-10-205-0-135 cloud-init: usermod -a -G www ec2-user
Jun 30 16:11:16 ip-10-205-0-135 cloud-init: chown -R root:www /var/www
Jun 30 16:11:16 ip-10-205-0-135 cloud-init: chmod 2775 /var/www
Jun 30 16:11:16 ip-10-205-0-135 cloud-init: find /var/www -type d -exec chmod 2775 {} \;
Jun 30 16:11:16 ip-10-205-0-135 cloud-init: find /var/www -type f -exec chmod 0664 {} \;
As you can see from the log excerpt, this went fine. However, upon logging in to the EC2, it gives a permission error as below:
[[email protected] html]$ aws s3 sync s3://gfrepo/releases releases
download failed: s3://gfrepo/releases/binaries.html to releases/binaries.html [Errno 13] Permission denied: u'/var/www/html/releases/binaries.html'
download failed: s3://gfrepo/releases/B1556013/B1556013.jar to releases/B1556013/B1556013.jar Could not create directory /var/www/html/releases/B1556013: [Errno 13] Permission denied: '/var/www/html/releases/B1556013'
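I ended up elevating my permissions with sudo to complete the S3 sync. I am not sure why it gives ec2-user a permission error. Here is the permissions listing: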
[[email protected] www]$ ls -l
total 0
drwxrwsr-x. 2 root www 6 Mar 21 02:33 cgi-bin
drwxrwsr-x. 3 root www 55 Jun 30 16:11 html
[[email protected] www]$ groups ec2-user
ec2-user : ec2-user adm wheel systemd-journal www
As you can see, ec2-user is part of the www group, and www is the owner of the html subdirectory.
For ec2-user to be able to write to the document root, it needs to be a member of the www-data group – error2007s
It is; [ec2-user@ip-10-206-32-92 html]$ groups ec2-user ec2-user : ec2-user adm wheel system-journal www –
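A diagnostic sketch for the setup in the question, added here and not part of the original post or its comments: the cloud-init `chown`/`chmod`/`find` commands only touch what exists under /var/www at the moment they run, so this lists entries that are not owned by the shared group, lack group write, or are directories without setgid. The function name `audit_tree` and its output labels are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): find entries under a web root
# that a member of the shared group cannot write to.
#
# audit_tree DIR GROUP
#   Prints one line per finding: "<label> <path>"
#     wrong-group     entry is not group-owned by GROUP, so membership in
#                     GROUP grants nothing on it
#     no-group-write  entry is group-owned by GROUP but has no g+w bit
#     no-setgid       directory without setgid; files created inside it will
#                     get the creator's primary group instead of GROUP
audit_tree() {
    dir=$1
    grp=$2

    # Entries whose group is something other than the shared group.
    find "$dir" ! -group "$grp" -exec printf 'wrong-group %s\n' {} +

    # Entries in the right group but missing the group-write bit (octal 0020).
    find "$dir" -group "$grp" ! -perm -0020 \
        -exec printf 'no-group-write %s\n' {} +

    # Directories missing the setgid bit (octal 2000).
    find "$dir" -type d ! -perm -2000 -exec printf 'no-setgid %s\n' {} +
}

# Run only when called with explicit arguments, for example:
#   sh audit_tree.sh /var/www www
if [ "$#" -eq 2 ]; then
    audit_tree "$1" "$2"
fi
```

Run it as the login user after a failed sync; an empty result means ownership and mode bits are not what is blocking the write.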