I am working on Debian 10 with PHP 8 FPM + Apache2. I've created a new user with a group username:username, and I've set a home directory for this user located at /home/username/www. Of course I've chmod -R all the folders and files to username:username; before, it was www-data when the files were inside /var/html.

So basically I have a small script trying to write to a cache folder, but it is not working when I chmod the folders to username:username; it only works if I chmod the folders to www-data?

The cache folder is chown 755, and it works fine if owned by www-data, not username.

Is it possible to allow username to have write permission like www-data?

PS: username is an example for the real one.

A possible approach to let username control stuff, while www-data has read-only access for security reasons and write access only where it's needed:

Set username as owner and www-data as group.

Give full access to owner (read/write/exec: 7) and read-only access to group (read/exec: 5). The Other group here has no access (0).

Give write access to www-data where it's needed:

Files created by the webserver will be fully owned by itself (www-data:www-data), but the directory owner (username) can still move them.

By default, when you install PHP-FPM it installs a single pool which runs as the www-data user. If you change the user and group in /etc/php/8.0/fpm/pool.d/www.conf to the right user, then your script will run as the user, and www-data will not need write permissions.

Your config has these 2 lines by default:

Replace those lines with:

Restart the FPM daemon
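
The layout from the first answer (owner 7, group 5, other 0, group write only where it is needed) can be checked mechanically after the permissions are applied. The script below is an added example, not part of the original posts; the function names audit_layout and make_demo_tree and the www/cache and www/app directories are assumptions made for illustration, and it checks mode bits only because setting ownership to username:www-data needs root.

```shell
#!/bin/sh
# Added example: audit a web root for "owner 7, group 5, other 0",
# with group write permitted only in explicitly named directories.

# audit_layout ROOT [ALLOWED_DIR...]
# Prints one line per violation and returns 1; returns 0 if the tree is clean.
audit_layout() {
    root=$1; shift
    violations=$(
        # Any bit for "other" breaks the 0 in 750/770. Symlinks are skipped:
        # on Linux their own mode is always 777 and is ignored on access.
        find "$root" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) |
            sed 's/^/other-access: /'
        # Group write is acceptable only at or below an allowed directory.
        find "$root" ! -type l -perm -020 | while IFS= read -r path; do
            allowed=no
            for dir in "$@"; do
                case $path in "$dir"|"$dir"/*) allowed=yes ;; esac
            done
            [ "$allowed" = yes ] || printf 'group-write: %s\n' "$path"
        done
    )
    [ -z "$violations" ] && return 0
    printf '%s\n' "$violations"
    return 1
}

# make_demo_tree: builds a constructed sample tree and prints its path.
make_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir -p "$demo/www/cache" "$demo/www/app"
    : > "$demo/www/app/index.php"
    chmod -R 750 "$demo/www"     # owner rwx, group r-x, other none
    chmod 770 "$demo/www/cache"  # the one place the group may write
    printf '%s\n' "$demo/www"
}
```

On a real host, run it as `audit_layout /home/username/www /home/username/www/cache`; any output is a path where the web server group or other users have more access than the layout intends.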