Ensure www-data is always able to write

Published: Thursday, Jun 19, 2014 Last modified: Monday, Dec 9, 2024

Annoyingly different distros run under different users, i.e. not www-data. I test with:

<?php echo exec('whoami'); ?>

For example I think Fedora use apache user even if you use nginx. Debian is better since it generally uses “www-data” across the board.

Ensure your fs is mounted with acl in order for the setfacl commands to work!

 mount | grep acl
/dev/root on / type ext3 (rw,noatime,errors=remount-ro,acl,barrier=0,data=writeback)

or check with sudo tune2fs -l $YOUR_DISK | grep Default

Now to ensure www-data always has free reign:

# chmod g+s . # Make sure properties are inherited
# setfacl -R -m default:group:www-data:rwx /srv/www

See https://github.com/kaihendry/myresponder/blob/master/setup.sh for a fully worked example.

Again getfacl get check!