Centos – How to make the user the owner of new files

centospermissions

I have VPS with CentOS 5.4.

This is production server.

The problem is when my webiste installs some scripts from site , then the owner name is not written on the file and as user i can even change the file permissions.

Is there any way that which ever script is writing file , the owner of home directory should the owner of all the files

Best Answer

Note: this solution requires changing permissions for file creation for specific users and directories.

Setting the setgid permission bit on a directory that will be written into will keep all new files written in that directory assigned to the group of that directory (instead of to the group of the user that created them).

If the HTTP server's user creates files with group write permissions by default, then all files written into directories in the proper user group and with the setgit bit set will be fully accessibly by the users in that group.

Setting the setgid bit on directoryname setting proper group ownership:

chmod g+s directoryname
chown :groupname directoryname

If group-write permission is not set by default, you'll need to set the umask of HTTP server user.

Related Solutions

Svn – Subversion and mod_dav_svn: Why make www-data the owner of the files instead of root

You wouldn't typically want root to be the owner of the repository because that would mean that apache (httpd) had to be running as root in order to access the svn repository, which is usually considered a security risk.

In my experience, you mostly interact with subversion via apache. Since that is the case, it seems easier and more natural to just let apache (www-data) be the owner of the subversion repository. If you have created your subversion repository in a separate directory structure from your web sites, there should be no confusion about which files are used for what. For example, I have /data/www for my websites and /data/svn for my svn repositories.

Then to allow yourself the ability to modify the repository config files and hook scripts, just make yourself a member of the www-data group and perform the:

sudo chmod -R g+ws /svn/myrepo

as you mentioned above and you're good to go.

I don't see a benefit to separating the svn repository owner from the apache user, but if you really insisted on doing that, you could create a subversion user in addition to the subversion group and make the owner of /svn/myrepo be subversion:subversion. Then just make yourself and apache a member of the subversion group and modify the directory permissions as above.

Linux – How to make new files automatically belong to group

chmoding a directory setgid (g+s) will make all files created within it inherit group ownership.

Best Answer

Related Solutions

Svn – Subversion and mod_dav_svn: Why make www-data the owner of the files instead of root

Linux – How to make new files automatically belong to group

Related Topic