Ensure www-data is always able to write
Published: Thursday, Jun 19, 2014 Last modified: Monday, Dec 9, 2024
Annoyingly different distros run under different users, i.e. not www-data
. I test with:
<?php echo exec('whoami'); ?>
For example I think Fedora use apache
user even if you use nginx. Debian is
better since it generally uses “www-data” across the board.
Ensure your fs is mounted with acl
in order for the setfacl
commands to work!
mount | grep acl
/dev/root on / type ext3 (rw,noatime,errors=remount-ro,acl,barrier=0,data=writeback)
or check with sudo tune2fs -l $YOUR_DISK | grep Default
Now to ensure www-data always has free reign:
# chmod g+s . # Make sure properties are inherited
# setfacl -R -m default:group:www-data:rwx /srv/www
See https://github.com/kaihendry/myresponder/blob/master/setup.sh for a fully worked example.
Again getfacl
get check!