13

I have changed owner of the /var/www/html folder to www-data. Now I want to grant ownership to ubuntu as well.

How can I do that? I don't know which group they belong to. I login to ssh by using ubuntu username and my FTP is also working with ubuntu, but now due to this change I am facing permission issue when editing a file via ftp.

Ivan Bila
  • 105
urfusion
  • 271

1 Answers1

14

Solution 1

Easiest way if only that one user ubuntu and www-data need access would be

sudo chown ubuntu:www-data <path/to/file or directory>

this gives ownership to the user ubuntu but still keeps the ownership for the group www-data.

So you control what ubuntu can do by

sudo chmod u<+|- permission> <path/to/file or directory>

and you control what www-data can do by

sudo chmod g<+|- permission> <path/to/file or directory>

or simply use complete permission masks (see example below).

Example:
User ubuntu shall be able to read(r), write(w), execute(e)
www-data shall be able read(r), execute(e) but not write(w)
other users shall be able to do none of those

sudo chmod u+rwx <path/to/file or directory>
sudo chmod g-w+rx <path/to/file or directory>
sudo chmod o-rwx <path/to/file or directory>

or using a permission masks (helpful generator)

sudo chmod 750 <path/to/file or directory>

Also interresting for your case might be the -R parameter for both commands, applying ownership and permissions recursively on the content of a folder.

For more information about options and parameters see
man chown and man chmod

Solution 2

I would rather NOT add a user to a system functional user's group as suggested in the comments like

sudo usermod -a -G www-data ubuntu

as this is a really dirty way of granting a user permissions because he could also mess up things...

Instead if you want you could add a completely new group using groupadd (see man groupadd)

groupadd <group name>

add all users who shall have the permissions on the file(s) to this group

sudo usermod -a -G <group name> ubuntu
sudo usermod -a -G <group name> www-data

(for more information see man usermod)

and now set the ownership of the file(s) to this group

sudo chgrp <group name> <path/to/file or directory>

than you set the permissions as described before but this time only for the
group (read(r), write(w), execute(e))

sudo chmod g+rwx <path/to/file or directory>
sudo chmod u-rwx <path/to/file or directory>
sudo chmod o-rwx <path/to/file or directory>

or using the mask

sudo chmod 070 <path/to/file or directory>

Note that using this solution you lose the control over the different permissions for ubuntu and www-data.

Ravexina
  • 55,668
  • 25
  • 164
  • 183
derHugo
  • 3,356
  • 5
  • 31
  • 51
  • dont take it, it was just my thought, ok. btw, can you mention two words about, why www-data shouldnt have write permision? – T.Todua Jan 08 '19 at 20:57
  • 1
    I have four: It was an example. I only used it to show how the permission flags work. Ofcourse there might be use cases where e.g. the server should be able to write a file as well :) – derHugo Jan 08 '19 at 21:01
  • thanks! ! last thing - if you could mention two words about -a and -G flags you used, could have been nice also for novices like me – T.Todua Jan 08 '19 at 21:06
  • and last's last thing: somewhere i've seen similar solution, but after creating a group, using gpasswd -a <username> <group name>. can you elaborate on that as well in post? and also, how it will be if there needs to be 3rd user, in solution1 ? – T.Todua Jan 08 '19 at 21:07
  • If www-data is a user name not a group name, can you still do sudo chown ubuntu:www-data <path/to/file or directory>? – Damn Vegetables Oct 02 '22 at 06:30
  • @DamnVegetables no. Most of the times there is an according group for each user though ... wouldn't recommend it though.. rather create according shared group and add the users to them as needed – derHugo Oct 02 '22 at 06:45