LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-06-2016, 12:35 AM   #1
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 716

Rep: Reputation: 47
Question Permission help please!


Hey LQ,

I'm having troubles with permissions. I want to be able to read and write into my /var/www/html directory as my regular username (in this case wh33t). I figured the easiest way to do this was to add my username to the www-data group, which is the owner of /var/www/html.

Code:
wh33t@wh33tserv:/var/www$ ls -l
total 4
drwxrwxr-x 2 www-data www-data 4096 Sep  5 22:31 html
www-data group members, I see that wh33t is a group member

Code:
wh33t@wh33tserv:/var/www$ getent group www-data
www-data:x:33:wh33t
but then something like this fails

Code:
wh33t@wh33tserv:/var/www$ mkdir html/testdir
mkdir: cannot create directory ‘html/testdir’: Permission denied
Where did I go wrong?
 
Old 09-06-2016, 01:07 AM   #2
HMW
Member
 
Registered: Aug 2013
Location: Sweden
Distribution: Debian, Arch, Red Hat, CentOS
Posts: 773
Blog Entries: 3

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
Hi!

What does the command:
Code:
groups wh33t
say?

Best regards,
HMW
 
1 members found this post helpful.
Old 09-06-2016, 01:49 AM   #3
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,961
Blog Entries: 4

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
You have to log in again after adding yourself to a group.
 
2 members found this post helpful.
Old 09-06-2016, 02:07 AM   #4
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 716

Original Poster
Rep: Reputation: 47
Quote:
Originally Posted by HMW View Post
Hi!

What does the command:
Code:
groups wh33t
say?

Best regards,
HMW
Code:
wh33t@wh33tserv:/var/www$ groups wh33t
wh33t : wh33t adm cdrom sudo dip www-data plugdev lxd lpadmin sambashare
Thanks! The re-log worked. Didn't know that.

Last edited by wh33t; 09-06-2016 at 02:18 AM.
 
Old 09-06-2016, 02:16 AM   #5
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,608

Rep: Reputation: 423Reputation: 423Reputation: 423Reputation: 423Reputation: 423
Quote:
Originally Posted by wh33t View Post
the www-data group, which is the owner of /var/www/html.
Having your webroot owned by the webserver user is generally a bad idea - if there is any flaw in the actual server, or in your website, the webserver process has full write access to reconfigure whatever it's told to - your site is no longer yours.
 
1 members found this post helpful.
Old 09-06-2016, 02:18 AM   #6
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 716

Original Poster
Rep: Reputation: 47
Quote:
Originally Posted by descendant_command View Post
Having your webroot owned by the webserver user is generally a bad idea - if there is any flaw in the actual server, or in your website, the webserver process has full write access to reconfigure whatever it's told to - your site is no longer yours.
What user do you feel should own it?
 
1 members found this post helpful.
Old 09-06-2016, 02:28 AM   #7
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,608

Rep: Reputation: 423Reputation: 423Reputation: 423Reputation: 423Reputation: 423
If you are the only human involved, then your regular user would make sense.
I often have the owner as root, with a 'webadm' group with write access (to which required users are added), and read access for 'other' (which includes www-data).
Depending on content some dirs (such as tmp, upload etc.) may need write access for the webserver user, but generally, less is better.
 
1 members found this post helpful.
Old 09-06-2016, 04:20 AM   #8
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 3,203
Blog Entries: 3

Rep: Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409Reputation: 1409
Quote:
Originally Posted by descendant_command View Post
If you are the only human involved, then your regular user would make sense.
I agree that setting your account as owner is the easiest way if you are the only user. It will get the job done and is uncomplicated.

If you are sharing access with others, it does get more complicated. If sharing access comes up later, then you'll want to use groups. And for that there are some fine points that make it go smoothly but may not be initially obvious. So I've put together some notes on what I consider to be best practices for sharing write access to a web directory in a blog post.
 
1 members found this post helpful.
Old 09-06-2016, 05:07 AM   #9
Habitual
LQ 5k Club
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: High Sierra
Posts: 9,060
Blog Entries: 37

Rep: Reputation: Disabled
13 years you've been here.
What makes a good issue description?
 
Old 09-06-2016, 09:51 AM   #10
HMW
Member
 
Registered: Aug 2013
Location: Sweden
Distribution: Debian, Arch, Red Hat, CentOS
Posts: 773
Blog Entries: 3

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
Quote:
Originally Posted by wh33t View Post
What user do you feel should own it?
In my case: root
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Execute permission set but permission denied when unlocking IronKey mdh524 Linux - Newbie 2 11-12-2015 09:36 PM
[SOLVED] ext4 - permission to create/modify a file without 'delete' permission BeachHead Linux - General 4 06-08-2014 07:34 PM
File & Folder Permission and Ownership permission error in Cloud storage. rhcekumaran Linux - Newbie 3 06-14-2013 04:41 AM
mkdir throws Permission Denied error in a directoy even with root ownership and 777 permission surajchalukya Linux - Security 14 09-03-2012 08:34 AM
'permission denied" inspite of right permission flags on network drive anirudhvij Linux - Enterprise 8 05-22-2007 05:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration