Home / ubuntu / Questions / 706104
In Process
pebox11
Asked: 2015-12-05 19:38:32 +0800 CST

How to set the correct permissions between development and production

  • 772

DEVELOPMENT

On my development server I have an Ubuntu user named user1. When user1 runs PyCharm (user1 must run a Django app) as sudo then the app at a later stage is required to create a folder folder1 to hold some personal files of user1. Now this folder when PyCharm is ran with sudo is created with owner:group = root:root.

  1. Why I get this owner:group in the folder? Is it because I used sudo?

Now, when user1 runs PyCharm without sudo the same folder is created with owner:group = user1:user1

  1. why I get this owner:group in the folder? Is it because I didn't used sudo and was logged in as user1?

  2. Which process decides the group a created folder belongs to?

PRODUCTION

Again user1 has to run the Django app, but through the gunicorn service this time, which since it is a service can be ran only with sudo, so I always get the folder1 created as owner:group = root:root.

Now since my desired folder1 creation status needs to be user1:user1 and I can't run the gunicorn service without sudo what are the appropriate permission settings that would allow to have this? Bare in mind that the user needs to delete and re create this folder and all of its children under the same wanted permissions, so a simple manual chmod won't solve the problem.

  1. How I should configure the production account to be able to have this behavior?

I am sorry if I confused you but I tried to describe in a very detailed manner the problem. Thank you very much.

permissions

1 Answers

  1. Question #1 and Question #2: you have already answered them yourself! The user who runs a directory creation command becomes the owner of the directory. When you run a command with sudo, then this command is (by default) run ‘as’ the super user. The super user is called root, consequently root becomes the owner of new directories. When you run a command without sudo, then the user who is running the command (user1 in your case) becomes the owner of created directories.

    Question #3: For every user there is a default group that is used when files/directories are created (leaving some details aside). It’s the first group you see when running the groups command in a shell. In Ubuntu there is usually a default group with the same name as the user name.

    Question #4: I’m not sure why your folder1 needs to be accessible by user1 if everything is run by root in production. One possibility to solve the permissions might be to chown user1:user1 /path/to/folder1 when it is created by root. But to be honest, this whole setup sounds a bit shaky to me without knowing more about what you are actually doing.

    • 1