Reputation: 699
I'm running Ubuntu and would like to be able to upload files using SSH to update the website code.
my ubuntu user ( id ubuntu )
root@****:/var/www# id ubuntu
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),33(www-data),44(video),46(plugdev),102(netdev)
My ubuntu groups (groups ubuntu)
root@****:/var/www# groups ubuntu
ubuntu : ubuntu adm dialout cdrom floppy sudo audio dip www-data video plugdev netdev
All the groups on my ubuntu server (more /etc/group)
root@****:/var/www# more /etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog,ubuntu
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:ubuntu
fax:x:21:
voice:x:22:
cdrom:x:24:ubuntu
floppy:x:25:ubuntu
tape:x:26:
sudo:x:27:ubuntu
audio:x:29:ubuntu
dip:x:30:ubuntu
www-data:x:33:ubuntu
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:ubuntu
sasl:x:45:
plugdev:x:46:ubuntu
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
libuuid:x:101:
netdev:x:102:ubuntu
crontab:x:103:
syslog:x:104:
fuse:x:105:
messagebus:x:106:
mlocate:x:107:
ssh:x:108:
landscape:x:109:
admin:x:110:
ubuntu:x:1000:
mysql:x:111:
ssl-cert:x:112:
Why am i unable to overwrite files in the /www/var/html folder as Ubuntu user?
EDIT
My Folder permissions for /var/www and /var/www/html are:
root@****:/var/www# ls -l
total 4
drwxrwxr-x 3 www-data www-data 4096 Oct 13 20:24 html
root@****:/var/www# cd html
root@****:/var/www/html# ls -l
total 4
drwxrwxr-x 9 www-data www-data 4096 Oct 13 20:24 somefolder
MOUNTED DRIVES (mount)
root@****:/# mount
/dev/xvda1 on / type ext4 (rw,discard)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
none on /sys/fs/cgroup type tmpfs (rw)
none on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
udev on /dev type devtmpfs (rw,mode=0755)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
tmpfs on /run type tmpfs (rw,noexec,nosuid,size=10%,mode=0755)
none on /run/lock type tmpfs (rw,noexec,nosuid,nodev,size=5242880)
none on /run/shm type tmpfs (rw,nosuid,nodev)
none on /run/user type tmpfs (rw,noexec,nosuid,nodev,size=104857600,mode=0755)
none on /sys/fs/pstore type pstore (rw)
/dev/xvdb on /mnt type ext3 (rw)
systemd on /sys/fs/cgroup/systemd type cgroup (rw,noexec,nosuid,nodev,none,name=systemd)
Upvotes: 3
Views: 3908
Reputation: 2691
"Why am i unable to overwrite files in the /var/www/html folder as Ubuntu user?"
My understanding is that you are able to write files inside /var/www/html but you are unable to overwrite files written by other www-data
group users (If you cannot overwrite the files/directories owned
by you, that's a completely different problem).
You are allowed to write files inside /var/www/html
for these reasons:
www-data
user and is in the group www-data
www-data group
By default, when you create a file/directory inside /var/www/html, you are the owner of the file and the group of the file is set to your primary
group (ubuntu
in your case).
Others outside your primary group have no write
permissions.
-rw-rw-r-- 1 ubuntu ubuntu 123 Oct 12 13:14 test.html
This policy is the same for all the users of www-data group and creates a problem of not allowing you to overwrite a file created by other members of www-data (unless they manually change the file group to www-data).
A solution to this problem, is to force every file/directory created inside /var/www/html to have www-data
as the group. This is done using setgid
sudo chmod g+s /var/www/html
Make sure all the group users have write permissions for all the files/directories:
sudo chmod -R g+w /var/www/html
Setgid for already existing directories inside /var/www/html
sudo find /var/www/html -type d -exec chmod g+s {} +
Upvotes: 2