SyntaxFix

[apache] www-data permissions?

So I have a directory in /var/www (called cake) and I need to allow www-data to write to it, but I also want to write to it (without having to use sudo). I'm afraid to change the permissions to 777 in case some other user on my machine (or a hacker) attempts to modify files in that directory. How do I only allow access for myself and Apache's www-data?

This question is related to apache permissions sudo

The answer is

As stated in an article by Slicehost:

User setup

So let's start by adding the main user to the Apache user group:

sudo usermod -a -G www-data demo

That adds the user 'demo' to the 'www-data' group. Do ensure you use both the -a and the -G options with the usermod command shown above.

You will need to log out and log back in again to enable the group change.

Check the groups now:

groups
...
# demo www-data

So now I am a member of two groups: My own (demo) and the Apache group (www-data).

Folder setup

Now we need to ensure the public_html folder is owned by the main user (demo) and is part of the Apache group (www-data).

Let's set that up:

sudo chgrp -R www-data /home/demo/public_html

As we are talking about permissions I'll add a quick note regarding the sudo command: It's a good habit to use absolute paths (/home/demo/public_html) as shown above rather than relative paths (~/public_html). It ensures sudo is being used in the correct location.

If you have a public_html folder with symlinks in place then be careful with that command as it will follow the symlinks. In those cases of a working public_html folder, change each folder by hand.

Setgid

Good so far, but remember the command we just gave only affects existing folders. What about anything new?

We can set the ownership so anything new is also in the 'www-data' group.

The first command will change the permissions for the public_html directory to include the "setgid" bit:

sudo chmod 2750 /home/demo/public_html

That will ensure that any new files are given the group 'www-data'. If you have subdirectories, you'll want to run that command for each subdirectory (this type of permission doesn't work with '-R'). Fortunately new subdirectories will be created with the 'setgid' bit set automatically.

If we need to allow write access to Apache, to an uploads directory for example, then set the permissions for that directory like so:

sudo chmod 2770 /home/demo/public_html/domain1.com/public/uploads

The permissions only need to be set once as new files will automatically be assigned the correct ownership.

Source: Stackoverflow.com

Examples related to apache

Enable PHP Apache2 Switch php versions on commandline ubuntu 16.04 Laravel: PDOException: could not find driver How to deploy a React App on Apache web server Apache POI error loading XSSFWorkbook class How to enable directory listing in apache web server Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details How to enable php7 module in apache? java.lang.RuntimeException: Unable to instantiate org.apache.hadoop.hive.ql.metadata.SessionHiveMetaStoreClient The program can't start because api-ms-win-crt-runtime-l1-1-0.dll is missing while starting Apache server on my computer

Examples related to permissions

On npm install: Unhandled rejection Error: EACCES: permission denied Warnings Your Apk Is Using Permissions That Require A Privacy Policy: (android.permission.READ_PHONE_STATE) ActivityCompat.requestPermissions not showing dialog box PostgreSQL: role is not permitted to log in Android 6.0 multiple permissions Storage permission error in Marshmallow Android M Permissions: onRequestPermissionsResult() not being called pip install failing with: OSError: [Errno 13] Permission denied on directory SSH Key: “Permissions 0644 for 'id_rsa.pub' are too open.” on mac changing the owner of folder in linux

Examples related to sudo

Composer: file_put_contents(./composer.json): failed to open stream: Permission denied How to run SUDO command in WinSCP to transfer files from Windows to linux How to install Intellij IDEA on Ubuntu? pip install: Please check the permissions and owner of that directory How to use sudo inside a docker container? How to fix 'sudo: no tty present and no askpass program specified' error? npm install errors with Error: ENOENT, chmod npm throws error without sudo Is it acceptable and safe to run pip install under sudo? Command not found when using sudo

Tags

Onactionexecuting Smartassembly Code-behind Modelica Hibernate3 Posthoc Static-variables Dof-file Graffiticms Navigationitem Custom-server-controls Graph-visualization Firefox-3 Acceptance-testing Asa Uri Database-dump Webservicetemplate Collatz Mailnotifier Fixeddocument Asadmin Mootools-events Xcode Requirements Mahout Setvalue Memory Graphml Lookbehind Rowlocking Cleartype Mex-bindings Load-data-infile Function-handle Datatemplate Sector Django-testing Mutation-testing Heapalloc Led Subtitle Embedded-sql Ccl Triangulation Power-state Clickable Mojarra Bdd Vfd Bin-packing Enterframeevent Xmlignore Pulseaudio Space Info.plist Jri Code-first Statspack Gateways Graphicscontext Protection Mark-and-sweep Preload Bcd Zend-filter Directory-browsing Elgamal Svnignore Sustainable-pace Adornment Castle-validators Consolas Embedded Ghosts-in-the-machine Devdefined-oauth Volatility First-level-cache Loading react-state Bindingsource European-data-format Udpclient Tray Vinstance Backtracking System-procedures Asp.net-webpages Significant-digits Passthru Abmultivalue Isinstance Testunit Seam-conversation Visualizer Class-library Externals Package-management Netbeans-plugins Seo