How do I set the permissions for newly created files?

Question

I have setup apache and php and i work in /var/www so i've changed the permission of this folder owning it from my user and giving all others users read-only access.

But when i create new files using right click->create document they get created with "no rights" for others users and also for my group while the folder permission are to giv read-only to all users.

How can i solve?

This is the output of ls -la /var/www

matteo@matteo-stable:~$ ls -la /var/www
totale 24
drwxrwsr-x  5 matteo matteo 4096 2011-12-17 13:55 .
drwxr-xr-x 18 root   root   4096 2011-12-17 14:03 ..
drwxrwsr-x  5 matteo matteo 4096 2011-12-18 19:34 CloudNotesCI
drwxrwsr-x  6 matteo matteo 4096 2011-12-11 19:52 CloudNotesLayout
-rw-rw-r--  1 matteo matteo   25 2011-12-11 20:26 info.php
drwxrwsr-x  7 matteo matteo 4096 2011-12-17 13:55 OldP

Could you provide the output of 'ls -la /var/www' please? And, did you change permissions with ACL? — , Dec 18 '11 at 18:50

roadmr · Answer 1 · 2011-12-18T19:00:22.327

You need to set the "umask". If you want to do it systemwide, you can change the value in /etc/login.defs. If you want to do it on a per-user basis, do it in each user's .profile.

You can check the current umask by giving the command "umask" with no parameters. It may output something like this:

0002

With this value, files you create will be readable and writable for you and your group, while being only readable for all others. If you want to create files that are world-writable (a discussion on the security implications of this is out of scope here) change the umask to 0000:

umask 000

as I mentioned, to change this persistently for your user, edit .profile, uncomment the line containing "umask 022" and change the value accordingly.

Read an excellent explanation of what the umask values mean in Wikipedia:

http://en.wikipedia.org/wiki/Umask

currently i've this umask: "UMASK 022" in login.defs how should i change it? and where i can find user's.profile? — Matteo Pagliazzi, Dec 18 '11 at 18:57

score 1 · Answer 2 · edited Apr 13 '17 at 12:23

Glad you got it solved.

The /var/www directory has the "set group id" or "setgid" bit turned on (the "s" in drwxrwsr-x). So when new files are created inside /var/www, the files will be owned by the directory's group and not the user's group. New directories also take the parent directory's group, and they will use the setgid bit. (So, at some point, you did a sudo chmod g+s /var/www.)

I posted some on ACL...

Whats the simplest way to edit and add files to "/var/www"?

Default file permissions for php user www-data

score 0 · Accepted Answer · answered Dec 18 '11 at 19:02

I've found the solution.

My umask is

so every new file should give read and execute rights to all users out and in my groups like what i want.

The problem was in my templates files which had different permission, now i've changed thems it works correctly

How do I set the permissions for newly created files?

3 Answers3