Permissions – How to Give Read Write Permission to a Folder and Its Subfolders

permissions

I have changed ownership of my localhost file on /var/www/ and its sub folders and given it permission 777. However, whenever I add a new folder in it the new folder does not automatically get that permission. How can I give a folder 777 permission forever so that if I add a new folder or file it gets the same permission?

Best Answer

Permissions for newly created files are set by umask

Related Solutions

Permissions – How to Recursively Change File and Directory Permissions

Just add the -R option to recursively change the permissions of files. An example, recursively add read and write permissions for the owner and group on foldername:

chmod -R ug+rw foldername

Permissions will be like 664 or 775.

Setting the permissions to 777 is highly discouraged. You get errors in either Apache or your editor regarding permissions because apache runs under a different user (www-data) than you.

If you want to write to /var/www, add yourself to the www-data group and set umask+permissions accordingly.

Add yourself to the www-data group: sudo adduser $USER www-data
Change the ownership of the files in /var/www: sudo chown -R www-data:www-data /var/www
Change the umask, so newly created files by Apache grants write permissions to the group too. Add umask 007 to /etc/apache2/envvars.
Grant yourself (technically, the group www-data) write permissions: sudo chmod -R g+w /var/www.

Permissions – Grant Permission for New Created Files Inside Folder Automatically

What you want is called ACL - Access Control Lists.

Access Control List (ACL) provides an additional, more flexible permission mechanism for file systems. It is designed to assist with UNIX file permissions. ACL allows you to give permissions for any user or group to any disc resource.

acl package should be already installed, to check it run: dpkg -s acl.

To use ACL's you should enable it for your filesystem. But it can be already enabled. To check it use tune2fs -l. Substitute /dev/sda6 for your system:

$ tune2fs -l /dev/sda6 | grep "Default mount options:"
Default mount options:    user_xattr acl

If you see acl word - it is already enabled for device /dev/sda6.

If you don't see acl word - run tune2fs -o acl /dev/sda6 to enable it.

To modify ACL use setfacl command. To add permissions use setfacl -m.

To set permission for user:

$ setfacl -m "u:username:rwx" /path/to/folder

This will set rwx ACL, for user username to /path/to/folder. This means that all files created in this folder will have rwx permission for username.

To set permission for group:

$ setfacl -m "g:groupname:rwx" /path/to/folder

This will set rwx ACL, for group groupname to /path/to/folder. This means that all files created in this folder will have rwx permission for group groupname.

To set permission for other:

$ setfacl -m "o:rwx" /path/to/folder

This will set rwx ACL, for other to /path/to/folder. This means that all files created in this folder will have rwx permission for other.

To check permission:

$ getfacl /path/to/folder

To combine acl

$ setfacl -m u:username:rwx,g:groupname:rwx,o:rwx /path/to/folder

Default ACL

 The new object inherits the default ACL of the containing directory as its
 access ACL.

 If no default ACL is associated with a directory, the mode parameter to the func‐
 tions creating file objects and the file creation mask (see umask(2)) are used to
 determine the ACL of the new object:

 The new object is assigned an access ACL containing entries of tag types
 ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER. The permissions of these entries
 are set to the permissions specified by the file creation mask.

So if you set default ACL, it would be preferred ACL. That means if set ACL for user or group, new created file would inherit default acl anyway. Be carefully with default ACL.

To set default acl use -d key,

$ setfacl -d -m u::rwx,g::rwx,o::rwx /path/to/folder

or use default word

$ setfacl -m default:u::rwx,default:g::rwx,default:o::rwx /path/to/folder

Be carefully with setting default ACL. For example if set like this:

$ setfacl -d -m o:--x /path/to/folder

and now fetch this ACL

$ getfacl /path/to/folder
# file: path/to/folder
# owner: c0rp
# group: c0rp
user::rwx
group::rwx
other::--x
default:user::rwx
default:group::rwx
default:other::--x

default ACL for group and user will be rwx automatically!

Remove ACL

$ setfacl -b /path/to/folder

This will remove all ACL's from folder

Finally

If you are only user in system, I recommend use default ACL.

$ setfacl -d -m u::rwx,g::rwx,o::rwx /path/to/folder

This will do what you want for /path/to/folder

Sources

archlinux - https://wiki.archlinux.org/index.php/Access_Control_Lists

help.ubuntu - https://help.ubuntu.com/community/FilePermissionsACLs