File Permissions of subdirectories
I am perplexed. I am upgrading from CentOS 4 to 6. In the old system I had a file structure that looks like this in var log.
================== old system ====================
define ("ENV_LOGDIR", "/var/log/db/cto/")
/old/var drwxr-xr-x. root root
/var drwxr-xr-x.root root
var/log (drwxr-xr-x. root root)
├── [drwxr-xr-x root root 4096] db
│** ├── [drwxrwxrwx root root 4096] cto
│** │** ├── [-rw-r--r-- daemon daemon 173853] login1106
│** │** ├── [-rw-r--r-- daemon daemon 32464] login1107
│** │** ├── [-rw-r--r-- daemon daemon 3048] login1108
│** │** ├── [-rw-r--r-- daemon daemon 17179] login1109
│** │** ├── [-rw-r--r-- daemon daemon 43636] login1110
│** │** ├── [-rw-r--r-- daemon daemon 25282] login1111
│** │** ├── [-rw-r--r-- daemon daemon 81195] login1112
│** │** └── [-rw-r--r-- daemon daemon 156486] login1201
As you can see, daemon does not have rights to directories above the cto subdirectory where they get all user rights. On the new system, I have tried to replicate the same rights.
=================== new system =================
define ("ENV_LOGDIR", "/var/log/db/ctonine/");
/var drwxr-xr-x.root root
/var/log (drwxr-xr-x. root root)
├── [drwxr-xr-x apache apache] db
| ├── [drwxr-xr-x apache apache] ctonline
There are a couple of differences -- in the new system apache(uid: 48) is running httpd, not daemon(uid:2). I am not sure if the low UIDs have magical rights. I know you don't have to have write rights to the entire directory structure to have rights at the lower directories (i.e. /home is owned by root rwxr.xr.x and the user subs are given different rights.
Any idea what I am doing wrong. Been a fight a day with this new server, plus keeping the clients happy
|