Apache user umask

My apache webserver is running as user wwwrun in the group users. When I upload a file using a php script, that file is created on the server as user wwwrun and in the group users with 755 permissions. The problem is that I want them to be 770, so a user can admin these files. Is there any way to set a umask for apache in opensuse 10.2? I’ve already googled for this problem, which seems easier to fix in other distros. I’ve found no information about suse.

You could put a umask in the Apache init script just before firing up the service.

You may not get the group write bit though, because a umask can only mask out permission bits, not force on permission bits. It depends on whether the create in the Apache server/php module has that group write bit on in the creation mode.

A more workable scheme might be to put wwwrun in the users group, make the directories group owned by users, and set the setgid bit on any upload directories. The setgid bit will force any files and subdirectories created in the directory to be group owned by the group of the directory, i.e. users.

Or you can create a different group for each purpose, putting wwwrun in each group.

Thanks, that first option works for me. :slight_smile:

I’ve put “umask 0007” in the init script right before apache is started. I also added the user wwwrun to the users group, but I don’t know if that was necessary for this purpose, but it’s more clean. And that could have been the reason apache couldn’t read files from a user with 770 permissions in the past. Before today I only edited /etc/apache2/uid to run apache in the users group.

Thanks for solving a lot of weird apache-related problems :slight_smile: .