Home / ubuntu / Questions / 244406
Accepted
nLinked
Asked: 2013-01-18 13:18:03 +0800 CST

How do I give www-data user to a folder in my home folder?

  • 772

I have a folder: /home/myuser/folderA

I want to give the www-data user write access to the above, while 'myuser' continues to have normal access (as it is myuser's home folder anyway).

Which commands do I need to use?

Note: I don't want www-data to have access to any other folders in /home/myuser/.

Thanks in advance.

permissions

2 Answers

  1. Best Answer

    First, add yourself into the group www-data

    usermod -a -G www-data (your username)

    Then:

    chgrp www-data /home/myuser/folderA
chmod g+rwxs /home/myuser/folderA

    Should do the trick unless the permissions on your /home/myuser do not permit other users access.

    The first command changes the group ownership of the folder to that of the webserver. The second command gives members of the www-data group read, write, enter-directory rights, and the group s flag will ensure that any files that get created inside that directory take www-data as the group - so if you create a file as myuser the www-data user will have access.

    Nb. this also depends on the umask settings of both your user account and the webserver: you need to make sure that files created in folderA have group rw access (and directories created within need group rwx)

    If your webserver does not have enter rights into your /home/myuser dir (quite sensible) then it's not going to get in there unless you do something else. Two solns:

    1. sudo mount --bind /home/myuser/folderA /var/www/mysite/folderA (this is an ugly hack and would have to be repeated after reboot. But a powerful trick, also can be used to make folders accessible inside SSH jails.)

    2. Simply move the shared folder somewhere else, e.g. /home/shared-stuff/folderA.

    The 2nd option is nicest. Let's say the stuff in folderA is really public and you don't care who sees it, you can set it up like

    sudo mkdir -m777 /home/shared-stuff

    Then you can put inside that, say, folderA with permissions as above, and folderB that www-data should not have access to with different permissions, e.g. 

    $ cd /home/shared-stuff ; ls -l
drwxrwsr-x 2 myuser www-data   4096 Jan 17 21:46 folderA
drwxrwx--- 2 myuser myuser     4096 Jan 17 21:46 folderB
    • 60

  2. Another way is to change the username directly in apache config, this is if it's your local machine and you save images from somewhere else that would crush any permissions made on the folder. Also to do if you have only 1 user and don't care about www-data!

    $ sudo vi /etc/apache2/apache2.conf

    Find User and Group and put yours
    User <Your User>
    Group <Your Group>

    $ sudo service apache2 restart
    • 7