YaFM Documentation

YaFM stands for Yet Another File Manager It is a web-based file manager for UNIX-like operating systems


Note: most of these instructions apply to RedHat-like systems. In RedHat the default webroot for apache is /var/www/html and CGI programs are placed into /var/www/cgi-bin and this layout is respected in the .tar.gz archives and RPMs you've downloaded from YaFM's website.

Also the assumed location of your php CGI executable is /usr/bin/php and the PHP configuration file is assumed to be in /etc/php.ini If your installation differs or you want to install YaFM to another location please extract the archives manually, also you may have to modify the first line of the yafm.phps script!

Quick instructions:

If you've got the .tar.gz package install it as follows:
# tar --directory=/ -xvzf /path/to/yafm-release.tar.gz

If you've got the .tar.bz2 package install it as follows:
# bzcat /path/to/yafm-release.tar.bz2 | tar --directory=/ -xv

If you've got the RPM, install it as follows:
# rpm -Uvh /path/to/fileman-release.rpm

(note: replace yafm-release with the respective release number, e.g. yafm-1.0.5)

Now you should have a working YaFM installation, you can access it at http://your-host-name/cgi-bin/yafm.phps

WARNING: by default two accounts are created user1 with password1 and user2 with password2 Please edit the login.inc file to change accounts


You're may experience the following problem with CGI programs written in PHP:
Security Alert! The PHP CGI cannot be accessed directly.

Here is a brief explanation: it is insecure to have an interpreter such as php inside your cgi-bin folder. However this is not the case! Your php interpreter is most likely somewhere in /usr/bin/php and not in cgi-bin. However PHP is not smart enough to understand this so it issues that warning which you can safely disable by adding the following line in your /etc/php.ini cgi.force_redirect = 0 This is the quick (and safe) workaround but if you want to know more about this issue please read the PHP manual on the subject:


Q. Why is YaFM implemented as a CGI script and is placed inside the cgi-bin folder (or any other script alias folder) of my webserver?

A. In order to take advantage of the suExec or cgiwrapper mechanisms that may be configured on your web server. This makes possible to run YaFM under the unix user that owns the virtual apache domain instead of the user under which apache and mod_php applications run. This means greatly improved security.