www-data permissions

Question

So I have a directory in  var www  called cake  and I need to allow www-data to write to it  but I also want to write to it  without having to use sudo   I m afraid to change the permissions to 777 in case some other user on my machine  or a hacker  attempts to modify files in that directory  How do I only allow access for myself and Apache s www-data

User · Accepted Answer

sudo chown -R yourname www-data cake   then  sudo chmod -R g s cake   First command changes owner and group   Second command adds s attribute which will keep new files and directories within cake having the same group permissions

User · Answer

As stated in an article by Slicehost      User setup      So let s start by adding the main user to the Apache user group   sudo usermod -a -G www-data demo       That adds the user  demo  to the  www-data  group  Do ensure you use   both the -a and the -G options with the usermod command shown above       You will need to log out and log back in again to enable the group   change       Check the groups now   groups       demo www-data       So now I am a member of two groups  My own  demo  and the Apache group    www-data        Folder setup      Now we need to ensure the public html folder is owned by the main user    demo  and is part of the Apache group  www-data        Let s set that up   sudo chgrp -R www-data  home demo public html       As we are talking about permissions I ll add a quick note regarding   the sudo command  It s a good habit to use absolute paths     home demo public html  as shown above rather than relative paths      public html   It ensures sudo is being used in the correct   location       If you have a public html folder with symlinks in place then be   careful with that command as it will follow the symlinks  In those   cases of a working public html folder  change each folder by hand       Setgid      Good so far  but remember the command we just gave only affects   existing folders  What about anything new       We can set the ownership so anything new is also in the  www-data    group       The first command will change the permissions for the public html   directory to include the  setgid  bit   sudo chmod 2750  home demo public html       That will ensure that any new files are given the group  www-data   If   you have subdirectories  you ll want to run that command for each   subdirectory  this type of permission doesn t work with  -R      Fortunately new subdirectories will be created with the  setgid  bit   set automatically       If we need to allow write access to Apache  to an uploads directory   for example  then set the permissions for that directory like so   sudo chmod 2770  home demo public html domain1 com public uploads       The permissions only need to be set once as new files will   automatically be assigned the correct ownership

[apache] www-data permissions?

Examples related to apache

Examples related to permissions

Examples related to sudo