Apache Permissions Problem on Backdrop CMS in Kubuntu 26.04LTS

themetman · May 21, 2026, 12:39pm

Ubuntu Version:
26.04LTS

Desktop Environment
KDE Plasma

Problem Description:
The Backdrop CMS Websites on my Laptop (identical to my PC) are giving permission errors.

The installation on both is identical, same permissions etc. so this should not be happening.

The Backdrop Community cannot seem to find the cause.

I have searched all over the place and the only thing I have found is here but I do not have SELinux running

Relevant System Information:
I have just changed the OS on my PC and Laptop to Kubuntu 26.04LTS from Gentoo Linux with KDE Plasma which I have used for very many years.

I have installed LAMP Server with MariaDB on both so I setup my local sites for Backdrop CMS which I have also used for many years. I used Drupal before that.

I have Apache and php-fpm setup with user:group as francis:www-data on both machines

Screenshots or Error Messages:
The error message I am getting on the Laptop is this:

The directory files is notwritable. The directory ../privateis notwritable. You may need to set the correct directory at thefile system settings page or change the current directory's permissions so that it is writable.

So what it is saying is that the program cannot write to those folders.

What I’ve Tried:
I have a fresh install of Kubuntu 26.04LTS and LAMP server on the PC and Laptop.

The location of the sites locally is identical (separate btrfs partitions ) I used rsync so copy the websites from the laptop to my PC so they are identical.

So the permissions on $HOME/FG-DOCS/public_html are drwxrwxr-x 1 francis www-data

and on the site folder and the files folder are the same. For the private folder they are drwxrwx--- 1 francis www-data
I use this script on all my sites to set the permissions:

#!/usr/bin/bash
chown -R francis:www-data .
echo "Setting all directories to 755"
find . -type d -exec chmod u=rwx,g=rx,o=rx '{}' \+
echo "Setting all files to 644"
find . -type f -exec chmod u=rw,g=r,o=r '{}' \+
echo "Special Permissions on config, private and files"
chmod 775 web/modules
chmod 775 web/files
find web/files -type d -exec chmod ug=rwx,o=rx '{}' \+
find web/files -type f -exec chmod ug=rw,o=r '{}' \+
find config -type d -exec chmod ug=rwx,o=rx '{}' \+
find config -type f -exec chmod ug=rw,o=r '{}' \+
chmod 770 private
echo "Setting settings.php file to 440"
chmod 440 web/settings.php
echo "Setting all .htaccess files 444"
find . -type f -name .htaccess -exec chmod u=r,g=r,o=r '{}' \+
echo "Setting FixPermissions to 750"

I have even done a fresh install on the Laptop, same problem. I have tried a folder on the same partition as the home folder on the Laptop, but I get the same error.

I created a Virtual Machine running Ubuntu 24.04LTS which works perfectly.

So with everything being identical on both machines why do I get a permissions error on the Laptop and not on my PC?

peterwhite23 · May 21, 2026, 2:46pm

Welcome to the Ubuntu Discourse!

[Please use pre-formatted code blocks (the </> icon in the editor) for such output.]

Why are those not owned by www-data but what seems to be your local user? Also, your $HOME is not the same as that of www-data.

Why? What’s the aim?

The apache2.service systemd unit saw some changes, which might explain the difference.

systemctl cat apache2

That should give you an idea where to look.

On a more general note, you should explain in more detail your setup, because I, for one, am having a hard time understanding what it even is, you’re trying to do.

themetman · May 21, 2026, 5:21pm

Thanks for replying @peterwhite23 I have always put my websites into folder FG-Docs/public_html which is off my $HOME folder.

I have always had the Apache user:group setup as above.

I have an identical setup on my PC which is working fine, so I am surprised to have these problems on my Dell Laptop.

As for the Permissions script, Backdrop is very similar to Drupal 7 and can be fussy about permissions, hence the script to make it easy to setup.

The output of the systemctl cat apache2 is identical on the PC and Laptop.

My setup is that I have local Backdrop CMS Sites under Apache and MariaDB which I can upgrade and test before using git to push to Dev and Production on a Hosted Service.

It is handy to have them on the laptop for portability, but for now I will just have to go with the PC.

peterwhite23 · May 21, 2026, 5:37pm

That wasn’t the reason I pointed it out. There were some changes between the 24.04 and 26.04 version of the apache2.service, so assumptions made about how it worked in 24.04 may no longer hold.

ProtectHome=read-only

sticks out in the 26.04 version of apache2.service.

As for the permissions script, maybe it silently fails at some point, or the prior rsync does in subtle ways. You should check the actual permissions of the files in question. You may also need to check the whole path, because $HOME can be set drwxr-x---, so the www-data user can’t even access it.

Actionparsnip · May 22, 2026, 11:27am

Are you using SELinux? If so then check the SELinux logs. Restart the service then run:
sudo ausearch -m AVC,USER_AVC -ts recent

themetman · May 22, 2026, 3:19pm

@peterwhite23 I installed Kbuntu 25 this morning and everything works perfectly on the Laptop, so there is something causing the problem as you say.

I am on Ubuntu 26.04LTS.

I am not running SELinux

themetman · May 22, 2026, 3:23pm

Well Well Well!! @peterwhite23 I am SO Greateful!!!

It was the ProtectHome setting which was the problem.

I did this:

systemctl edit apache2.service
Then added this:

[Service]
ProtectHome=no
and BINGO!!! Everything working!

I have no idea why my PC is happy without this edit, and the Laptop is not. I installed Kubntu 26 from the same USB stick.

Anyway if someone else has the problem the fix is here.

Thanks once again for taking the time to help.

peterwhite23 · May 22, 2026, 3:34pm

Indeed! I wouldn’t call that a solution though, because you’ve just disabled a security hardening feature. IMHO you should seriously consider putting the CMS in www-data’s $HOME, /var/www.
Or, you could explore the ReadWritePaths= directive which gives you more granular control of what you want to be accessible, instead of all of /home.

Maybe nothing has tried writing that location yet, or something is overriding the apache2.service there.

themetman · May 22, 2026, 4:39pm

I will check that out.

Much obliged

themetman · May 23, 2026, 6:48am

@peterwhite23 I changed the edit in the services file to this:

[Service]
ReadWritePaths=/home/francis/FG-Docs/public_html

And all is well