Web permissions on Runciman

All accounts on Runciman have two folders in their home directory, called public_html and private_html. You can place files in there and they can be accessed from the URLs https://runciman.hacksoc.org/~username/path/to/file and https://runciman.hacksoc.org/~/username/path/to/file respectively. Sometimes you may run into HTTP 401 errors, which are caused by incorrect permissions on the files in those directories.

A file (or folder) has permissions set for three people:

user or owner: this is a single user, typically you for files you create.
group: this is a named group of users, for example the users group that all users on Runciman belong to
everyone or others: this is everyone who doesn't fall into the first two categories.

There are three permissions that can be set for each of these people:

Read: this person can read from this file
Rrite: this person can write to this file, or create files in this folder
eXecute: this person can run this program/script, or list the files in this folder

The web server on Runciman runs as the http user, which means in order to serve files in your public/private_html folders, the permissions need to be set:

everyone: read for all files
everyone: execute for all folders

You can change list permissions using ls -l like so:

    [ldm@runciman ~]$ ls -l public_html/
    -rw-r--r--  1 ldm users     1061 Dec 11 19:47 public_html/clock.html
    -rw-r--r--  1 ldm users 94602269 May 27  2019 public_html/general.html
    -rw-r--r--  1 ldm users     1063 Jan 21 13:44 public_html/index.html
    -rw-r--r--  1 ldm users    17117 May 27  2019 public_html/quotes.html
    -rw-r--r--  1 ldm users       88 Sep 19 17:30 public_html/segfault.html
    -rw-r--r--  1 ldm users      629 Apr 27  2019 public_html/slack.html

We're most interested in the first column, which shows the permissions of each file. The first character indicates if it is a normal file (-), a folder (directory, d), or something else. The rest shows the permissions for the user, group, and others in this format:

 file   user   group   others
 mode
 -      rw-    r--     r--

The order is rwx, for Read, Write, eXecute. If a letter is replaced with -, then the permission is not set for that user.

To set permissions in UNIX, use the chmod command. The syntax is chmod [people]+/-PERMISSIONS FILES.... Here are some examples:

    # Make index.html writable by the user
    chmod u+w index.html

    # Make index.html readable by the group
    chmod g+r index.html

    # Make index.html readable by everyone (others)
    chmod o+r index.html

    # Make index.html readable by all users (ommitting u,g,o will default to adding the permission for all users (ugo))
    chmod ugo+r index.html
    chmod +r index.html

    # Make all html files readable by all users (you can use * as a wildcard)
    chmod +r *.html

    # Remove read permissions from the group and everyone
    chmod go-r index.html

    # Make a folder executable (the trailing / is optional)
    chmod +x memes/

To make all files readable, you can use the --recursive or -R option with chmod -R +r public_html/. Making all files executable is discouraged, but you can use the following command to make all directories (in your public_html) executable:

    find public_html -type d -exec chmod +x {} \;

I hope this guide was helpful! If you have any more questions, do ask in chat