On the forums, I often see messages and questions about which rights to correctly set up files and folder permissions in Vtiger CRM system. If the system administrator sets too rigid rights and prohibits everything that is possible, then various bugs in the system may appear and the work may freeze. Conversely, if all that is possible is resolved, then security problems are not far off.
The official instructions tell us the following:
For the duration of the installation, we will give the web server write permissions for all files and directories. We do this by changing the owner and group to www-data (the default Apache server user in Debian):
# cd vtigercrm
# chown -R www-data.www-data *
But usually just these commands are not enough. Below I provide a complete list of commands that will need to be entered to adjust access rights.
In order not to enter everything manually in a row, you can make an sh-script and execute it in the terminal in the folder with CRM.
find . -type d -exec chown user:group {} \;
find . -type f -exec chown user:group {} \;
find . -type d -exec chmod 775 {} \;
find . -type f -exec chmod 664 {} \;
chmod a+rw config.inc.php
chown www-data:www-data config.inc.php
chmod a+rw tabdata.php
chown www-data:www-data tabdata.php
chmod a+rw parent_tabdata.php
chown www-data:www-data parent_tabdata.php
chown -R www-data:www-data cron/
chmod -R a+rw cache
chown -R www-data:www-data cache
chmod -R a+rw cache/images/
chown -R www-data:www-data cache/images/
chmod -R a+rw cache/import/
chown -R www-data:www-data cache/import/
chmod -R a+rw storage/
chown -R www-data:www-data storage/
chmod -R a+rw user_privileges/
chown -R www-data:www-data user_privileges/
chmod -R a+rw Smarty/cache/
chown -R www-data:www-data Smarty/cache/
chmod -R a+rw Smarty/templates_c/
chown -R www-data:www-data Smarty/templates_c/
chmod -R a+rw modules/Emails/templates/
chown -R www-data:www-data modules/Emails/templates/
chmod -R a+rw modules/
chown -R www-data:www-data modules/
chmod -R a+rw cron/modules/
chown -R www-data:www-data cron/modules/
chmod -R a+rw test/vtlib/
chown -R www-data:www-data test/vtlib/
chmod -R a+rw backup/
chown -R www-data:www-data backup/
chmod -R a+rw Smarty/templates/modules/
chown -R www-data:www-data Smarty/templates/modules/
chmod -R a+rw test/wordtemplatedownload/
chown -R www-data:www-data test/wordtemplatedownload/
chmod -R a+rw test/product/
chown -R www-data:www-data test/product/
chmod -R a+rw test/user/
chown -R www-data:www-data test/user/
chmod -R a+rw test/contact/
chown -R www-data:www-data test/contact/
chmod -R a+rw test/logo/
chown -R www-data:www-data test/logo/
chmod -R a+rw logs/
chown -R www-data:www-data logs/
chmod -R a+rw modules/Webmails/tmp/
chown -R www-data:www-data modules/Webmails/tmp/