Ftp – Setting umask 002 for the apache, lighttpd, … didn’t work


I'm trying to make the files that created by webserver (Apache, lighttpd, …) can be writable by the ftp users. Adding apache to nobody group and the vise versa. umask 002 for ftp works fine. But the webserver seems to ignore my umask setting in /etc/sysconfig/:

grep umask /etc/sysconfig/httpd 
umask 002

or /etc/init.d/:

start() {
    echo -n $"Starting $prog: "
    umask 002
    daemon $lighttpd -f $LIGHTTPD_CONF_PATH
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
    return $RETVAL

That files are still created with 755 permission:

-rwxr-xr-x 1 apache nobody 28243 Jul 28 09:49 ssvzone_997.js
-rwxr-xr-x 1 apache nobody 26224 Jul 28 09:49 ssvzone_998.js
-rwxr-xr-x 1 apache nobody 19686 Jul 28 09:49 ssvzone_999.js

-rwxr-xr-x 1 lighttpd nobody 23949 Jul 29 15:50 ssvzone_999_1.js
-rwxr-xr-x 1 lighttpd nobody 20668 Jul 29 15:50 ssvzone_999_2.js
-rwxr-xr-x 1 lighttpd nobody 22294 Jul 29 15:50 ssvzone_999_3.js

So, what is the root cause?

PS: I saw the some similar questions but none of them can help.

Best Answer

Umask doesn't set bits. It could be that the application that creates the files doesn't ask for the group w bit to be set or that it explicitly chmods the file itself to be 'safe'.

What does a simple php script report for the umask ?

    system ("umask");

On a CentOS system I have to hand it reports the default 0022 or whatever I set it to in /etc/sysconfig/httpd