Last night I had an idea. And typically for me, I couldn’t sleep properly as I kept trying to remind myself about the idea. I should have gotten up and tried it, but if it hadn’t worked I would have gotten even less sleep.
Anyway, the problem I was having with the OpenID plugin is that I forgot to make the plugin’s temp directory group writable. Most people seem to be ok with just making all their blog files writable by the web server, but I worry about the number of security holes that seem to pervade PHP applications so I make all the WordPress files belong to the user “blog” and only the ones that the web server has a legitimate reason to write belong to the group “www-data” and are group-write. When I installed this plugin, I made the tmp directory belong to the group “www-data”, but I forgot to “chmod g+rwx” on it. Duh. Even more “duh” worthy, I see that the plugin page has a FAQ that has that as item 1.
It seems to be working now. Let me know if you can’t comment.