Reputation: 55
My nginx's root folder /usr/share/nginx/html
is owned by root:root but I need to add/edit/delete files with my user mark
. Also, I'm using PHP with fastcgi (php-fpm) and I need to upload file in a specific directory /usr/share/nginx/html/userfiles
. My current configuration is like following:
sudo groupadd webdev;
sudo usermod -a -G webdev mark;
sudo chown root:webdev /usr/share/nginx/html;
sudo chmod 2775 /usr/share/nginx/html -R;
sudo chgrp -R www-data /usr/share/nginx/html/userfiles;
I found out some problems about uploaded files (they are created in /usr/share/nginx/html/userfiles
correctly, but my user mark
can't open/edit/delete these files). How can I solve it? Any suggestions for a better configuration?
Upvotes: 3
Views: 5202
Reputation: 12255
You are right in sharing access to files by having a common group, but the files and directories you create must belong to the group and also be read/write to the group.
Files created by PHP I assume will be in group www-data, but will probably not have group write permission unless you change the umask in /etc/init/php-fpm.conf
. Add a line:
umask 0002
If your id has www-data amongst its groups, you will be able to edit the file.
If you create a file, it will not be in group www-data, but probably your
own group mark
. So if you want PHP i.e. www-data to be able to edit that
file you need, by symmetry, to usermod -a -G mark www-data
, and ensure when you create
files that they are read/write to the group (umask 2 and check or chmod g+w).
Ensure the directory userfiles is rwx to the group www-data, or chmod g+rwx it.
Upvotes: 2