Ubuntu – chmod u+s in /var/www

12.04Apache2chmodwww

i have a problem at granting the right rights for the right user…

i want to run pootle with apache, so i downloaded pootle. Then i copied it to /var/www, installed it and gave the www-data user rights for the whole folder. As far as good… now i want to copy the translated files from and to the translation-directory (e.g. /var/www/pootle/po/project).
So i created a group (www) added me to the group and executed

sudo chown -R :www /var/www/pootle

ok, so now i have rights to write files into the directory, however, when apache creates a file, its group is www-data…

sudo chmod -R g+s /var/www/pootle

ok, now the group is always "www", as i wanted it to be… now here is the problem:
When i write files to /var/www/pootle they are there, however, with my user as owner, and not, as i awaited, as www-data, although i executed the command:

sudo chmod -R u+s /var/www/pootle

is there a way that i can say that the user who created the file, even if its me, shall be www-data?

thx in advance 🙂

Best Answer

If you run chown without a preceding colon, you will change the owner. (With the preceding colon, you change the group, as you have demonstrated above, and you can also run chown -R new-owner:newgroup.) So if you just run

sudo chown -R www-data /var/www/pootle

you will change the owner to www-data.

"....when apache creates a file, its group is www-data..."

Can you clarify what you mean by this? Apache serves files, it doesn't create them. PHP creates them - but they are created dynamically and served directly to web clients (browsers), they are not created and then saved by Apache.

It seems your problem is with file ownership. If so, a more convenient approach might be to add pootle to the www group - as Apache (generally) needs htm(l) files to be owned by www to read them. Files then created by Pootle will have the same group ID and you won't need to run chown at all - Apache will have read access to Pootle's files. See http://translate.sourceforge.net/wiki/pootle/apache which says:

 You need to extract Pootle in a directory accessible to the apache user.

Make sure Apache has read access to all of Pootle's files and write access to the dbs and po subdirectories.

Hope this helps.

Related Solutions

Ubuntu – Default file permissions for php user www-data

You could use ACL. To set up ACL for Ubuntu 10.10, first mount the file systems with the acl option in /etc/fstab.

sudo vim /etc/fstab

UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx / ext4 defaults,acl 0 1

sudo mount -o remount,acl /

Then make a group to which a user may belong for this purpose.

sudo groupadd developers
sudo usermod -a -G developers $username

The user needs to log out and in again to become a member of the developers group.

Of course, do not do this if you have content in the /var/www directory that you want, but just to illustrate setting it up to start:

sudo rm -rf /var/www
sudo mkdir -p /var/www/public
sudo chown -R root.developers /var/www/public
sudo chmod 0775 /var/www/public
sudo chmod g+s /var/www/public
sudo setfacl -d -m u::rwx,g::rwx,o::r-x /var/www/public

Then replace references to "/var/www" with "/var/www/public" in a config file and reload.

sudo vim /etc/apache2/sites-enabled/000-default
sudo /etc/init.d/apache2 reload

If we wanted to restrict delete and rename from all but the user who created the file:

sudo chmod +t /var/www/public

This way, if we want to create directories for frameworks that exist outside the Apache document root or maybe create server-writable directories, it's still easy.

Apache-writable logs directory:

sudo mkdir /var/www/logs
sudo chgrp www-data /var/www/logs
sudo chmod 0770 /var/www/logs

Apache-readable library directory:

sudo mkdir /var/www/lib
sudo chgrp www-data /var/www/lib
sudo chmod 0750 /var/www/lib

Ubuntu – Symlink /var/www directory

Delete (or move, for safety) the www directory before you create the symlink.

So, you should have a /var, but there should be no /var/www. Then, and only then, will a symlink called www be created that points to your localhost/code/project folder.

Best Answer

Related Solutions

Ubuntu – Default file permissions for php user www-data

Ubuntu – Symlink /var/www directory

Related Question