![]() ![]() That means you'd need to run sudo -u apache -g www. If you're doing that anyway, it's probably easier to not worry about SETGID or similar, and instead to just make sure the group is set by having the right group in the owning process too. So if you're currently running and want the file to start owned by apache, you'd probably want to run sudo -u apache so the process runs as the apache user. If you want to create a new file with a different owner, you'll need to ensure whatever process creates the file has the user you want. ![]() How the owner is determined is explained in detail in the chown(2) man page, but the owner will always be the user account that's running whatever process created the file, although you can have a different group to the process's group by fiddling with SETGID or ACLs as others have suggested. New files in POSIX-like file systems always have an owning user and an owning group. The X permission (note: it's uppercase) means it will only be applied to directories and not files. These entries must be separated by a comma. Then after that it's pretty straight forward The -m indicates it will be a modification operation.The -R flag sets operations to apply recursively.The -d flag specifies the operations apply to the Default ACL.rw-rw-r-+ 1 gene gene 0 Aug 7 13:57 donkeyĪn overview of the command: setfacl -dRm u:apache:rwX,g:www:rwX /var/www When new files are created there by they will still be owned by your user, but there will also be an ACL set on it granting privileges to the apache user: $ touch donkey $ sudo setfacl -dRm u:apache:rwX,g:www:rwX /var/wwwĭrwxr-xr-x+ 2 apache www 4096 Aug 7 13:53 /var/www For example: $ ls -ld /var/wwwĭrwxr-xr-x 2 apache www 4096 Aug 7 13:53 /var/www
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |