Linux users', specifically Apache, permissions settings, [Linux noob :]
Question
I have user : nobody and group : nogroup set for apache in httpd.conf . Since I also use my own user to manage files on ssh through Samba , I would like to have access to the www folder for read/write, and also allow apache to read these files.
Some folders should have apache's write permissions.
Should I leave apache as nobody|nogroup ?
I was thinking I should set my own user under a group called say "webadmins" and set apache a new user called say "apache" under the same group. Then allow the group to read from all files, but only my user will have write files. Whenever apache would need a write permission inside a folder, I would manually change that. Is this a fair enough approach or am I missing something?
Thanks!
1 answers
solution1
1 2013-07-22 21:53:14
usually any daemon will need to access a number of ressources. it is therefore good practice to run each daemon under a special user:group, rather than nobody:nogroup .
traditionally (eg on Debian systems) apache runs as www-data:www-data .
finally, user permissions take precedence over group permissions (which in turn take precedence over other permissions). this means that a directory where the user does not have write perms but the user's group can write is effectively r/o for that user (but not for other members of the group)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.