Apache: www-data and regular user both need write access

From FVue
Jump to: navigation, search

Problem

When setting up a website, both Apache (user www-data) and a regular user need write access to certain files. If a file is owned by one with user rights 664 (-rw-rw-r--), it isn't accessible by the other.

Solution 1. Create common group webdev

From: http://blog.chriskankiewicz.com/post/158/setting-up-an-ubuntu-web-server/

"You’ll need to set up some file permissions to allow Apache to read from, and you to write to, the web directory. This will be accomplished by changing the owner of the web directory, adding the Apache user and your user to this group and setting the guid bit forcing all new files/folders to have the same group permissions."

Create a new group:

$ sudo addgroup webdev

Change the group of your web directory:

$ sudo chgrp -R webdev /var/www/
$ sudo chmod -R g+rw /var/www/

Set the guid bit on all folders in your web directory:

$ sudo find /var/www -type d -exec chmod g+s {} \;

Add Apache to the webdev group:

$ sudo usermod -a -G webdev www-data

Add your user to the webdev group:

$ sudo usermod -a -G webdev <user_name>

Workaround

If the shell-login user has sudo-access, he can access all files as the www-data user:

$ sudo -u www-data CMD

Comments

blog comments powered by Disqus