2

I'm trying to add permissions for my nginx html folder using the following:

sudo chown -R my-user:www-data /webdirectory
sudo chmod -R 0755 /webdirectory

It works for existing files in the directory, however any added files I need to execute those lines again.

Any solutions?

heemayl
  • 91,753
Adam
  • 131
  • ok what is your umask mode creation? 755 is for a folder for a regular file is 666 if your umask is 0022 every new file created will have permissions 644 not 755 is this your issue? Or I misunderstood?:) – JoKeR Apr 08 '15 at 10:00
  • and that is why we have 'groups' ;) – Rinzwind Apr 08 '15 at 18:44

2 Answers2

3

You are looking for umask. umask is a shell builin that will decide what will the default permission of a newly created file. The value of umask can vary from user to user.

To check the umask value of the current user, run umask in the terminal:

$ umask 
0002

The first 0 indicates the absence of SUID/SGID/Sticky bit, it is the default first bit value so if we don't need to set any of those three bits we usually don't use this bit.

The umask value is actually deducted from 777 (in case of a directory) and from 666 (In case of a file) to get the permission of a newly created file/directory. So, if the umask is 0002 the newly created file by this user will have a permission of (666 - 002)=664 and a directory will have (777 - 002)=775.

To change the umask value for only current user permanently, put the umask value at the end of the ~/.bashrc of the user. For example:

echo "umask 022" >> ~/.bashrc

For changing temporarily, run:

$ umask 022

The global umask value can be found and changed from /etc/login.defs:

$ grep "^UMASK" /etc/login.defs 
UMASK       022

****Note than you should not use chmod/chown randomly unless you are absolutely sure about the outcome.

heemayl
  • 91,753
1

umask is correct but only covers the chmod part of your question, there is a more elegant way to do this.

To make sure, that you don't have to chown or chmod again, put your user to the www-data group of the apache webserver, like so:

useradd -G my-user www-data

With this add you are able to wirte in this folder and the username and group will be exactly what you asked for. Also with this, you don't even need to chmod again, because the webserver can read it, and so the content can be delivered without any restrictions.

s1mmel
  • 2,024