Setting up a new webserver in Ubuntu 14.04 and trying to wrangle file permissions for PHP generated files.
By default, all the directories and files in /var/www are owned/grouped to www-admin. Directory permissions are rwxrwsr-x and file permissions are rw-rw-r--.
We then set the group on a limited number of directories to www-data – this is so that PHP (via Apache) can write log and cache files in this location.
However, I cannot get PHP to obey a umask of 0002, and so files generated by PHP are only writeable to the www-data user. This is a problem, since we use continuous integration, and some other cleanup processes.
So far, I have:
- Set the umask to 0002 in
/etc/pam.d/common-session - Set the umask to 0002 in
/etc/pam.d/common-session-noninteractive - Set the umask to 0002 in
/etc/profile - Set the umask to 0002 in
/etc/apache2/envvars - Set the umask to 0002 in
/etc/login.defs - Set the umask to 0002 for
www-datain/etc/passwdusingsudo chfn -o "umask=002" daemon_username
And I'm still stuck.
I've stopped/started the service, and even restarted the computer – no joy.
Best Answer
"umask 002" in /etc/apache2/envvars should work.
Take notice that Apache must be restarted by "service apache2 stop; service apache2 start" for taking effect, not by "service apache2 restart"!
See here if you need an more detailed sample: https://serverfault.com/a/384922/228027