FTP : open for write: permission denied on LEMP Server

November 1, 2015 2.2k views
LEMP Getting Started

Hello,
Although I m successfully able to view and download the files from server, I cant upload the files on server (and replace the default ngineX page).
FileZilla Throws an error /usr/share/nginx/html/index.html: open for write: permission denied

1 comment
  • @prashantsani - What are the current permissions set to for each directory (i.e. /usr, /usr/share, /usr/share/nginx and /usr/share/nginx/html)? You'll need to ensure that the user & group has permission to read & write. Ideally, for directories, that'll be 0755 -- for files, 0644.

    While logged in to your Droplet, you can use ls -al to view permissions for each directory and file in the current directory. The permissions column will be the first on the left. Looking at each line, you'll either see a d or - as the first setting indicating whether the listed item is a directory or file.

    The next nine -'s will be set as r, w, x or - (read, write, execute or empty). The first three will be for User, the next three for Group and the final for Other (i.e. world).

    If a directory has the permissions set drwxr-xr-x, that translates to 0755. The user has read, write and execute permissions and group + other have read and execute permissions (but not write).

    If a file has the permission set -rw-r--r--, that translates to 0644. The user has read and write permissions and group + other have only read permissions.

    To be able to modify a file (which includes overwriting it via S/FTP), you'll need at least read & write permissions and need to be logged in as the user given the permissions. The exception to this is, of course, the root user, as root should be able to read, write and execute regardless of the permissions set for other users.

    That said, to change permissions using the CLI, you can simply use the chmod command followed by octal permission value (i.e. 0755 or 0644) and finally the file or directory.

    chmod 0644 filename.php

    chmod 0755 /path/to/directory

    You can also recursively CHMOD using the -r option, though you'll want to be careful that you limit the CHMOD to a specific type (file or directory), otherwise you'll end up setting all directories and files in a path to a CHMOD that may be too restrictive or too open (as -r will apply the changes to current directory + all sub-directories).

    To do a recursive CHMOD on all files of a certain type:

    find /path/to/dir -type f -print0 | xargs -0 chmod 0644

    To do a recursive CHMOD on all directories in a path:

    find /path/to/dir -type d -print0 | xargs -0 chmod 0755

    Simply replace /path/to/dir with the path of your choice -- in this case, if you wanted to target the files in the directory you mentioned above:

    For files:

    find /usr/share/nginx/html -type f -print0 | xargs -0 chmod 0644

    For directories:

    find /usr/share/nginx/html -type d -print0 | xargs -0 chmod 0755

2 Answers

This question was answered by @jtittle:

@prashantsani - What are the current permissions set to for each directory (i.e. /usr, /usr/share, /usr/share/nginx and /usr/share/nginx/html)? You'll need to ensure that the user & group has permission to read & write. Ideally, for directories, that'll be 0755 -- for files, 0644.

While logged in to your Droplet, you can use ls -al to view permissions for each directory and file in the current directory. The permissions column will be the first on the left. Looking at each line, you'll either see a d or - as the first setting indicating whether the listed item is a directory or file.

The next nine -'s will be set as r, w, x or - (read, write, execute or empty). The first three will be for User, the next three for Group and the final for Other (i.e. world).

If a directory has the permissions set drwxr-xr-x, that translates to 0755. The user has read, write and execute permissions and group + other have read and execute permissions (but not write).

If a file has the permission set -rw-r--r--, that translates to 0644. The user has read and write permissions and group + other have only read permissions.

To be able to modify a file (which includes overwriting it via S/FTP), you'll need at least read & write permissions and need to be logged in as the user given the permissions. The exception to this is, of course, the root user, as root should be able to read, write and execute regardless of the permissions set for other users.

That said, to change permissions using the CLI, you can simply use the chmod command followed by octal permission value (i.e. 0755 or 0644) and finally the file or directory.

chmod 0644 filename.php

chmod 0755 /path/to/directory

You can also recursively CHMOD using the -r option, though you'll want to be careful that you limit the CHMOD to a specific type (file or directory), otherwise you'll end up setting all directories and files in a path to a CHMOD that may be too restrictive or too open (as -r will apply the changes to current directory + all sub-directories).

To do a recursive CHMOD on all files of a certain type:

find /path/to/dir -type f -print0 | xargs -0 chmod 0644

To do a recursive CHMOD on all directories in a path:

find /path/to/dir -type d -print0 | xargs -0 chmod 0755

Simply replace /path/to/dir with the path of your choice -- in this case, if you wanted to target the files in the directory you mentioned above:

For files:

find /usr/share/nginx/html -type f -print0 | xargs -0 chmod 0644

For directories:

find /usr/share/nginx/html -type d -print0 | xargs -0 chmod 0755

View the original comment

this is such a stupid answer considering that you can just add the user to the group www-data

Have another answer? Share your knowledge.