Grav - Permission


In general, permission is a process of permitting to do something on your hosting environment. The permission includes read or write access to the files on the server or editing the files on the file system. Grav is a flat file based CMS which needs to write to the file system for creating cache and log files.

Grav comes under three main scenarios −

PHP/Webserver runs with same user that edits the files

This scenario works great with most shared hosting setup and also for local development. On the dedicated web host, we can't consider this approach as secure enough.

PHP/Webserver runs with different accounts but same group

With 775 and 664 permissions using shared group between the user and PHP/Webserver account, you can ensure that two different accounts will have the Read/Write access to the files. We can create new files by setting umask 0002 on the root with proper permissions.

Different accounts, fix permissions manually

This approach will have different accounts and update the ownership and permission of files which ensure that the PHP/Webserver user will have the Read/Write access on the files.

Following is the simple code of permissions-fixing shell script. You can edit this file as per the group which works for the setup.

#!/bin/sh
chown joeblow:staff .
chown -R joeblow:staff *
find . -type f ! -path "./bin/" | xargs chmod 664
find . -type f -path "./bin/" | xargs chmod 775
find . -type d | xargs chmod 775
find . -type d | xargs chmod +s
umask 0002