Results 1 to 3 of 3

Thread: Apache user umask

  1. #1
    Peetrus NNTP User

    Default Apache user umask

    My apache webserver is running as user wwwrun in the group users. When I upload a file using a php script, that file is created on the server as user wwwrun and in the group users with 755 permissions. The problem is that I want them to be 770, so a user can admin these files. Is there any way to set a umask for apache in opensuse 10.2? I've already googled for this problem, which seems easier to fix in other distros. I've found no information about suse.

  2. #2
    Join Date
    Jun 2008
    Location
    UTC+10
    Posts
    9,683
    Blog Entries
    4

    Default Re: Apache user umask

    You could put a umask in the Apache init script just before firing up the service.

    You may not get the group write bit though, because a umask can only mask out permission bits, not force on permission bits. It depends on whether the create in the Apache server/php module has that group write bit on in the creation mode.

    A more workable scheme might be to put wwwrun in the users group, make the directories group owned by users, and set the setgid bit on any upload directories. The setgid bit will force any files and subdirectories created in the directory to be group owned by the group of the directory, i.e. users.

    Or you can create a different group for each purpose, putting wwwrun in each group.

  3. #3
    Peetrus NNTP User

    Default Re: Apache user umask

    Thanks, that first option works for me.

    I've put "umask 0007" in the init script right before apache is started. I also added the user wwwrun to the users group, but I don't know if that was necessary for this purpose, but it's more clean. And that could have been the reason apache couldn't read files from a user with 770 permissions in the past. Before today I only edited /etc/apache2/uid to run apache in the users group.

    Thanks for solving a lot of weird apache-related problems .

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •