
Re: Help with UMASK and file/directory permissions on sarge



"intendedacceleration" <intendedacceleration@gmail.com> writes:

> I have been searching google for the last couple days and I can't seem
> to get this to work right so I would appreciate any help you can offer.
>
> I am setting up an internal web server for our IT department. Each user
> has been created with their username as their primary group, but are
> also a part of a group I created called webusers. Apache is all set up
> to serve out the web address through named virtual hosts. The local
> path to the directory is /var/www/testing/ which is owned by root with
> the webusers group assigned to it. It has been chmodded to 2774.
>
> What I need to do is get any file or directory under the main
> /var/www/testing to give full access to the webusers group
> automatically, no matter who creates the files. The file/directory
> owner is not important.
>
> First I tried looking in a test user's ~/.bash_profile for the umask,
> which tells me I need to look at /etc/login.defs. I changed the umask
> setting in /etc/login.defs to 002, which I believe is correct for what
> I am trying to do. This seemed to have no effect. I then edited the
> /etc/profile file to have a umask of 002, which seemed to work for any
> directories created under that tree, however files are still not
> writable by webusers.
>
> What is the correct way to do what I am trying to do in Debian? Will
> this affect files and directories system wide or is there a way to
> change the umask only for a specific directory?
>
> I welcome any help anybody can give me. Thank you in advance.
>

I'm not an apache geek, but I guess you're trying it from the wrong
end. If apache runs as user/group www-data/www-data, new files will be
created with this ownership. Now, when such a file has group permissions,
like 660, a different user can still only read that file if he's a member
of the www-data group. To have ownership www-data/webusers for newly
created files, afaik the only way to accomplish this is by having apache
itself run under the webusers gid. Could be I miss something, and hopefully
others will fill in then, but that's basically how file creation and
ownership work.

Regards, Bruno.
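
The interaction this thread is about (a setgid directory combined with the creating process's umask), as an added example that is not part of either poster's message. It assumes Linux with GNU or busybox `stat -c`; the function name `new_modes`, the temporary directory standing in for /var/www/testing, and the use of one of the caller's supplementary groups as a stand-in for webusers are all constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): what mode and group new entries get
# inside a setgid directory under a given umask.
# Assumes Linux with GNU or busybox stat (-c); all paths are temporary.

# new_modes UMASK -> prints "<file mode> <subdir mode> <group inherited: yes|no>"
new_modes() {
    (
        base=$(mktemp -d) || exit 1
        dir=$base/testing            # constructed stand-in for /var/www/testing
        mkdir "$dir"

        # Stand-in for "webusers": any supplementary group of the caller,
        # so that group inheritance is visible. Falls back to the primary group.
        alt=$(id -G | tr ' ' '\n' | grep -vx "$(id -g)" | head -n 1)
        if [ -n "$alt" ]; then
            chgrp "$alt" "$dir" 2>/dev/null || true
        fi
        chmod 2774 "$dir"            # mode used in the question

        umask "$1"                   # only affects this subshell
        : > "$dir/page.html"         # creation requests 0666, umask clears bits
        mkdir "$dir/sub"             # creation requests 0777, umask clears bits

        # With the setgid bit on the directory, new entries take its group.
        same=no
        if [ "$(stat -c %g "$dir/page.html")" = "$(stat -c %g "$dir")" ]; then
            same=yes
        fi
        printf '%s %s %s\n' "$(stat -c %a "$dir/page.html")" \
            "$(stat -c %a "$dir/sub")" "$same"
        rm -rf "$base"
    )
}

# Show the result for the common default umask and for the one from the question.
for m in 022 002; do
    printf 'umask %s -> %s\n' "$m" "$(new_modes "$m")"
done
```

The umask that matters is the one of the process that actually creates the file, so a value set in /etc/profile only applies to files created from login shells that read it.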


