Apache/Linux configuration changes to make automatic upgrade more straightforward

I’ve been reading some posts that seem to touch on this (or possibly address it, but it’s going over my head). Unix is not my strong suit by a long shot.

I have inherited a Fedora server that is a little bumpy when it comes to auto upgrades.

Two things I’ve noticed:
1. It prompts me for FTP user and password. I’d like to eliminate this WITHOUT resorting to hard-coding the credentials (for a number of reasons)
2. The most recent 3.3.1 update fails for permission reasons (earlier upgrades did not fail). The workaround is to sudo chmod -R g+w ./* in the main wp directory, but I’m kind of sick of doing that every time.

Bottom line: things WORK, but it’s more work than I’d like.

Right now, everything seems to be running under the ‘apache’ user, which is a member of my ‘developers’ group that is the same group for the various people that FTP and make changes/edits to files/folders. But any new files/folders that are created by these users do not have their group write mode set so I have to do it manually…

Any thoughts? I’ll need a bit of a step-by-step since I’m a unix moron.

Thanks!

T

The simplest answer is:

As long as you’re on a fairly standard RedHat/CentOS/Fedora server, make sure that everything under your WordPress directory belongs to apache:apache. This will prevent the prompting for FTP credentials.

The advantage to doing it this way is that, in almost ALL situations, Apache has /bin/false or /sbin/nologin set up as its shell. This prevents anyone from exploiting the apache user to gain shell access to your box.

I think you’re likely getting tripped up by directories inheriting permissions from users with valid shells whose umasks are set funny. Try chown’ing everything to apache:apache and do a couple of test updates and see if that doesn’t fix 99% of the issues you’re running into.