Last active
May 22, 2023 09:32
-
-
Save eoli3n/30e689333db4980cf5845282474a7e48 to your computer and use it in GitHub Desktop.
Give the ability to a unprivileged user to manage a website
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- For the demonstration --- | |
| root@work /# mkdir /var/www | |
| root@work /# useradd www-data | |
| root@work /# chown www-data:www-data /var/www | |
| # Add the user to the www-data group | |
| root@work /# usermod -a -G www-data user | |
| # Use the setgid bit to let subdirectories inherit from the group | |
| root@work /# chmod 2775 /var/www | |
| # Use acls to set default group permissions | |
| root@work /# setfacl -d -m group:www-data:rwx /var/www | |
| --- For an existing website --- | |
| root@work /# chgrp -R www-data /var/www/site | |
| root@work /# chmod -R 775 /var/www/site | |
| root@work /# find /var/www/site -type d -exec chmod 2775 {} + | |
| root@work /# find /var/www/site -type d -exec setfacl -R -m group:www-data:rwx {} + | |
| root@work /# find /var/www/site -type d -exec setfacl -R -d -m group:www-data:rwx {} + |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment