Dec 072016
 

Recently I came upon an issue on a cPanel server with suPHP as the handler in that, when the cPanel user SSH’s into the server (or connects via sFTP) any file or directory created will have incorrect permissions.

  • Files: 664
  • Directories 775
  •  
    I found this was due to a setting in /etc/profile that sets the umask value as such

    if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 002
    else
    umask 022
    fi

     
    It has been confirmed by cPanel that this is an internal bug already known that affects suPHP servers.
    Quoted from cPanel

    I found that we have internal case EA-4868 about the same issue you are describing, which is problems with suphp and the umask permissions. I am not able to provide an ETA on when a fix for that will be released, however it will be pushed to our changelog once it is.
    changelog.cpanel.net

    So… if you have a customer that has files that were created via SSH or upload over sFTP, that are getting 664 and 775 incorrect permissions errors? First, check the PHP handler
    /usr/local/cpanel/bin/rebuild_phpconf --current

    If that setting is set to suPHP, then the workaround for this, as recommended by cPanel, is the following:
    Change /etc/profile
    vim /etc/profile
    Locate the if/else statement setting the umask, most likely around line 64

    if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 002
    else
    umask 022
    fi
    to
    if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 022
    else
    umask 022
    fi

    Save the file, then connect as the user with
    su - $user

    Reload the profile; the new files and directories should be set with the correct permissions.
    As always, back up all the things first!
    Hope this helps!

     Leave a Reply