|
Apache ACLs for uploaded files in Drupal 6 on CentOS 5
This is really a permissions issue, I hope this is the right forum.
I have a webserver set up with CentOS 5 and am using ACLs to allow write access to all files in a particular directory to users in the webmasters group, but something appears to be stripping my ACL permissions off when uploading files through the webserver.
I have set the command
setfacl -m d:g:webmasters:rwx .
on the directory. If I touch test.txt and run ls -l, I see
-rw-rw-r--+ 1 drask drask 0 test.txt
and the ACL's are set correctly when I run getfacl:
# file: test.txt
# owner: drask
# group: drask
user::rw-
group::rwx # effective rw-
group:webmasters:rwx #effective rw-
mask::rwx
other::r--
however, if I upload a file (webserver_test.txt) through drupal and ls -l, I get:
-rw-rw-r-- 1 apache apache 0 webserver_test.txt
-rw-rw-r--+ 1 drask drask 0 test.txt
(notice the missing '+' on the first line) and if I do getfacl on webserver_text.txt, I get:
# file: webserver_test.txt
# owner: apache
# group: apache
user::rw-
group::rw-
other::r--
So it has no acl's set, and people in my webserver group can't modify the file.
If I do:
sudo su -s /bin/sh apache -c "touch apache_test.txt"
the new file shows up as:
-rw-rw-r--+ 1 apache apache 0 apache_test.txt
and has the ACL's I need set. So there is something odd about the webserver, Drupal 6, php, or something that is stripping the ACL's off of uploaded files.
Anybody have any similar experience or know of a workaround?
Please don't suggest adding all the members of the webmasters group to the apache group, that won't work for me for technical reasons I'm not getting into right now, and I really want these ACL's to work correctly.
Much Thanks!
Last edited by drask; 04-01-2013 at 03:08 PM.
|
