Hello,
As kirby needs apache to be able to write in several folders, I resorted to changing the group of all files and folders in my kirby installation to www-data, apache’s group in linux (_www in osx I think) and giving the group write permission.
But whenever I create a file with sublime text or if I ‘touch’ it in the terminal , I need to run all this again.
So I used the setgid bit to set the default group of newly created files to apache’s but I am still looking for a way to set default permissions, to give WRITE to that group.
There is umask, but I’d say that works systemwide ?
How do you people do it ?
Thank you
Hi,
I’m no expert on this but from what I can tell you are creating a file in sublime or the terminal under your normal user account. Is this user apart of the www-data group? Who is the owner of your files and directories?
I have just been doing some testing on my server and with a permissions of 2774 on directories and 0664 on files and my user being part of the www-data group. Touching a test file gives it the owner of my user and group of www-data with rw permissions for both owner and group. Let me know if this helps at all :).
I also just made a directory with the same result.
*Edited to mention directory
Cheers!
Hello!
When I or an application that I run creates a file or directory it creates it as owner/group mal/mal, with group NOT having write access.
For kirby to be able to write or modify these, it needs to have apache or its group (www-data) either as owner or group, PLUS write access for www-data. As said, by default, group does not have write access.
This is localhost btw, in a server it may differ.
And yes, mal is part of www-data, but I think that does not make any practical difference.
I will check the permissions you refered to.
Thanks!
Ahhh I see - I understand a bit better.
Would you not need to change the group to www-data? And then set the permissions as I referred to? Unless you added www-data to the mal group, which may be a bit of a security problem?
chown -R $USER:www-data on your html directory. That way your user is user owner and the Apache group is group owner. Then sudo find /path/to/your/directory-type d -exec chmod 2774 {} \; to change permissions on directories with the default group owner id bit and finally find /path/to/your/directory -type f -exec chmod 0664 {} \; to change permissions on files to rwrwr? This way new directories and files should get the group owner as www-data by default and the user owner as your $USER.
Hope this makes it a bit more clear, and if anyone sees a problem with this, let me know. 
*Edited to correct permissions
*Edited again as I was right the first time, sorry!
Thanks again @ElliotSmith91, I’ve been able to set www-data as default group for newly created files with setgid bit:
chmod -R g+s folder/
…but I cannot find any way to set write permission for the group on defaulta… well other than using ACL’s
So files are created with user/group mal/www-data but permissions rw_r_
Thanks again
Ok, I checked the umask of my setup and it is 0002 - this is probably where the differences are happening between our two systems.
If you don’t want to change your umask and don’t want the hassle of adding new/ different users to groups etc. you could check out using bindfs as a work around as mentioned in this article:
http://blog.netgusto.com/solving-web-file-permissions-problem-once-and-for-all/
I have not done this myself, but it seems like quite an elegant solution.
Hope this helps
2 Likes