1

My /var/www is this (permissions 755)

drwxr-x---  3 www-data www-data 4096 gen 11 16:27 www

My /var/www/html is this (permissions 755)

drwxr-xr-x  2 www-data www-data 4096 gen 11 16:27 html

NOTE: if it's important, I installed php 7.2 and nginx on a Ubuntu 16.04.5; that for say that I manually created /var/www and /var/www/html because not created from nginx's installation

My user is named mirko

And using command group mirko I can see I am member of www-data

mirko : www-data adm cdrom sudo dip plugdev lxd lpadmin sambashare

But I cannot write files in /var/www/html. Of course, it because of 755 permissions.

question: the 755 is the suggested permission for /var/www/html in a lot of tutorials; but in this way, how is supposed I manage file into this folder?

My user must be able to run a composer create-project for example, and also git pull and so on.

What's the right settings for shell user and folder?

I know I can simply add +w recusively. My question was: if suggested permissions for html folder is 755 (or even 750) and suggested ownership is www-data:www-data... how can a shell user access html subofolders?

Thanks in advance

realtebo
  • 399
  • Are you sure that you are a member of www-data? I can't see www-data in your output. try logging out and relogin after adding your self to www-data: sudo gpasswd -a mirko www-data – Ravexina Jan 11 '19 at 16:20
  • You can use 775 for folders and 664 for files. chmod -R g+w /var/www/html. – pLumo Jan 11 '19 at 16:20
  • @Ravexina: thanks !! Was just a copy/paste error. I'm really member of www-data – realtebo Jan 11 '19 at 16:31
  • @RoVo: thanks, I know I can simply add +w recusively. My question was: if suggested is 755 and suggested ownership is www-data:www-data... haw can a shell user access html subofolders? – realtebo Jan 11 '19 at 16:32
  • 1
    please reference the "suggested ownership", who is telling that ? – pLumo Jan 11 '19 at 16:33
  • I see every where; https://askubuntu.com/questions/767504/permissions-problems-with-var-www-html-and-my-own-home-directory-for-a-website just to be one. – realtebo Jan 11 '19 at 16:34
  • 1
    @Rovo: OMG !!! The solution was is the link I just pasted !!! the ownership shuold be 'user:www-data' !!!!! I am so stupid ... – realtebo Jan 11 '19 at 16:35
  • 1
    And then you can give g+w for files that www-data needs write access. You can write the answer best by yourself I guess ;-) – pLumo Jan 11 '19 at 16:37
  • Since OP indicated the linked question they were looking at had an answer that fixed, I have closed this as a duplicate, mostly because it's the same general problem. – Thomas Ward Jan 11 '19 at 16:54

1 Answers1

4

Ownership should be youruser:www-data
And youruser should be in www-data group

Permissions for folders 750, for files 640

This can be done by one command: chmod -R u=rwX,g=rX,o= /pathtofolder

If scripts used to create some files add group writable permission to needed folders(like smarty template cache)

LeonidMew
  • 2,734
  • 1
  • 21
  • 38
  • There is a problem: when I create new files, the setgid bit is ignored, so new files are owned by "mirko:mirko" instead of "mirko:www-data". Why? – realtebo Jan 12 '19 at 12:41
  • 1
    are folder group also www-data? I don't know, with gid bit it should be fine, try to create file in other program to test – LeonidMew Jan 12 '19 at 12:51
  • 1
    Updated answer with "And youruser should be in www-data group", I think that was the problem with setgid ignored – LeonidMew May 06 '19 at 16:45