I agree, it makes no sense, but I assure you I am not doing any of those other things. I’ll try to show the whole issue here…
Files are being uploaded to:
/web/user-receipts/
… which is owned by “tomcat” and the group is “www-data”
The CFM file/code/page uploads the file into a subdirectory it creates at the time of upload (if it does not already exist) called “user-0000000001” (or another user number) which is ALSO owned by “tomcat” and the group is “www-data”
Yet another subdirectory is also created which is today’s date: “2021-07-05” which again is also created at the point of upload if it does not exist, is also owned by “tomcat” and the group is “www-data”
The image file is then renamed to something else and uploaded into that directory.
Below, are screen shots of the directories and associated owners and permissions as seen through an FTP/SFTP client (again, CFM is doing the work, I am just using the FTP client to show you the results visually). I could just as easily screen shot the Terminal, but this is faster (visually) to look at.
After CFM uploads the file - which it does, no problem - then I call ImageMagick to do some things. But - and this is key - it doesn’t matter if I try to run (either) CFEXECUTE or FileSetAccessMode() to change file attribtues, before ImageMagick or after ImageMagick - the result is the same - an error.
But, wait, it gets even more weird.
I also have another directory called “app-style” this is where default style sheets go. These style sheets are actually generated from a database table so that I can edit, add or adjust styles on the fly without touching a style sheet (long story). But I have a CFM form page with each CSS attribute in a field in the DB. CFM then pulls all of that, parses and creates a style sheet. The resulting file is saved to disk in “app-style” which is… owned by Tomcat and the group is WWW-DATA. Same as with the receipts.
But unlike the “user-receipts” directory, I can run CFEXECUTE on the “app-style” directory and it works everytime, I can change MOD to 600, 644, whatever (it’s always 644).
This is the only line of code for updating the /app-style/ directory contents after generating the style sheet file, it works every time, no error, and I can change mod to anything I want as a way to test:
<cfexecute name="/bin/chmod" arguments="-R 0644 #fullPath#" timeout="30" />
So, bottom line, CFEXECUTE works in one directory, but not another and the permissions are the same on each.
And, in my prior example, changing the mod to 600 was an example. The file is/was 644, but I used 600 just to see if it would work. Directories are always 755 and files are 644.
Screen shots. I highlighted (clicked) on the directory or file which I want to show you in each of the four screen shots.
Permissions and owner for "/user-receipts/
(tomcat:www-data 755)
Permissions and owner for "/user-receipts/user-00000000001/
Created by CFM at time of upload but in this case, permissions have previously been corrected to 755
Permissions and owner for "/user-receipts/user-00000000001/2021-07-06/
Created by CFM at time of upload but with 750 instead of 755
Permissions and owner for "/user-receipts/user-00000000001/2021-07-06/receipt-000000010566.jpg
Created by CFM at time of upload but with 640 instead of 644