I'm new to the Mac world and have just been setting up my webserver. I used the following guide: http://echo.co/blog/os-x-107-lion-development-native-mamp-mysql-installer
I've transferred my sites and databases and everything is going pretty well. The only problem I have is with the writing permissions. For example there is a config file that needs to be written to, and I had to right click, go to Get Info then enable read & write for staff and everyone.
I can't manually go through and enable these write privileges for every file/folder. I didn't need to do this using WAMP, and that made development much quicker.
So wondering about 2 possible solutions:
a) add my user account to a whitelist for the localhost so that 644 privileges are sufficient
b) set the write privileges recursively
I found the best solution was to change the apache user and group settings. The instructions can be found at: http://paulmason.name/item/change-apache-user-group-in-lion-os-x
Open Terminal and Enter
sudo nano /private/etc/apache2/httpd.conf
Find and change httpd.conf code from
User _www
Group _www
To
User your_mac_username
Group staff
Note: With earlier versions such as Leopard, capitalize staff to Staff. You can get your username and group by typing "id" and hitting enter in Terminal.
Restart Apache
sudo apachectl restart
I'm the author of the mentioned blog post. For web server file permissions, you'll want to give write access to the _www user for files. For config.inc.php, you would set it a couple ways:
Have _www own the file and have write permissions:
$ sudo chown _www config.inc.php
$ chmod u+w config.inc.php
Have your user own the file, change the group to _www, and give group write permissions:
$ sudo chgrp _www config.inc.php
$ chmod g+w config.inc.php
Or, if you feel comfortable allowing all users to write, which I would not recommend for security reasons, give all users the ability to write:
$ chmod a+w config.inc.php
If an entire folder needs to be written by the _www user, it can own the folder and all files:
$ sudo chown -R _www:_www folder/
or you can give the folder write and execute permissions by all:
$ chmod a+wx folder/
The reason why chmod 774 gave you forbidden errors was because the _www user fell under the '4' permission, which is 'read-only.' For directories, a user needs 'execute' in order to traverse into the folder. chmod 775 would allow user and group to rwx, and others to r-x. Here's more information on Unix file permissions.
Also, your user could retain full ownership and add certain permissions for the _www user instead of changing the level of access for ALL users by using Access Control Lists.
$ sudo chmod -R +a '_www allow read,write,delete,add_file,add_subdirectory,file_inherit,directory_inherit' folder
$ sudo chmod +a '_www allow read,write' config.inc.php
If you're going to go the route of ACLs, I'd suggest doing some more reading to see what levels of access you really need to provide. Here is a great place to start.
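An added example (not code from the answer above or from the linked blog post): a small Python audit that applies the owner/group/other rule described above to a web root, listing directories the server identity cannot traverse and any world-writable paths left behind by `chmod a+w`. The uid/gid values and the temporary tree are constructed for the demonstration; ACL entries and root are not modelled.

```python
import os, stat, tempfile

def effective_bits(mode, f_uid, f_gid, uid, gids):
    """rwx bits that apply to (uid, gids): owner triad, else group, else other.
    Only the first matching triad is used. ACLs and root are not modelled."""
    if uid == f_uid:
        shift = 6
    elif f_gid in gids:
        shift = 3
    else:
        shift = 0
    return (mode >> shift) & 0o7

def audit(root, uid, gids):
    """Return (dirs the identity cannot traverse, world-writable paths) under root."""
    blocked, world_writable = [], []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # symlink mode bits say nothing about the target
            if st.st_mode & stat.S_IWOTH:
                world_writable.append(path)
            if stat.S_ISDIR(st.st_mode) and not effective_bits(
                    st.st_mode, st.st_uid, st.st_gid, uid, gids) & 0o1:
                blocked.append(path)  # no execute bit: cannot enter the folder
    return blocked, world_writable

def demo():
    """Constructed tree: a 774 folder holding an a+w config file, audited as an
    identity that is neither the owner nor in the file's group (like _www)."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)
    site = os.path.join(root, "folder")
    os.mkdir(site)
    cfg = os.path.join(site, "config.inc.php")
    open(cfg, "w").close()
    os.chmod(cfg, 0o666)   # result of chmod a+w on a 644 file
    os.chmod(site, 0o774)  # the mode that produced the Forbidden error
    st = os.lstat(site)
    other_uid, other_gids = st.st_uid + 1, {st.st_gid + 1}  # made-up ids
    before = audit(root, other_uid, other_gids)
    os.chmod(site, 0o775)  # add execute for "others"
    after = audit(root, other_uid, other_gids)
    return site, cfg, before, after

if __name__ == "__main__":
    print(demo())
```

To audit a real web root, call `audit()` with the uid and group ids that `id _www` reports on that machine.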
I'm running Apache on OSX and this fixed it for me:
sudo chown -R _www:_www <mywebfolder>
sudo chmod -R 775 <mywebfolder>
Update #1:
Syntax: sudo chown <user>:<group> <file-or-folder>. The Apache user on OSX is _www.
To keep ownership but give Apache r-w-x permissions:
sudo chown -R <your-username>:_www <mywebfolder>
sudo chmod -R 775 <mywebfolder>
Update #2:
I like this method best. Set Apache to run as you.
In terminal type id to get uid=123(Myname).
Open /etc/apache2/httpd.conf and edit it to use your username.
<IfModule unixd_module>
User Myname
Group staff
</IfModule>
Back to terminal: sudo apachectl restart
I recommend setting the write privileges recursively for your web root.
You can do this via the console / terminal using chmod -R 774 /my/web/root. For me, the owner and group is set to: www-data:myUserName, which can be set by using chown. Don't forget to check who's your web user first.
Edit: For better understanding, why you don't have access:
Chmod 774, each number stands for specific rights: user, group, others. If the user is set to www-data and the group to www-data (most users on a Unix system are in a group that's named by their username). So, if you're not in the group www-data you either have to join it, or you have to change owner (chown) or you have to change the permissions (chmod). There are several tutorials out there, for more information.