Question

Fixing permission settings on www folder

Posted August 6, 2019 409 views
Security LAMP Stack Configuration Management Ubuntu 18.04

Hey,

I spun up a new droplet right before the weekend and have been working on setting it up properly for my very small team. I’ve read a multitude of posts on StackOverflow and ServerFault about how to properly configure the “/etc/www/html” folder permissions.

I can get what seems like proper permissions for my own user, however when I try to log in to another user, they get permission denied regardless if we’re in the same group or not.

What I’m aiming at is properly securing the /etc/www/html folder without breaking anything for the www-data user (I’ll manually chmod any folder it needs write access to for uploads and such) and giving the group “webmasters” read/write access on “/etc/www/html” so that they can work in it. (Editing files, uploading, etc.)

Can anyone help me out?

Add a comment
Dizzzy
By:
Dizzzy
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
KDSys August 6, 2019

Hi Dizzzy,

From what I understand, you want to allow multiple users to edit the same directory, is that correct?

*There are two ways to do this : *

  • Add the users to the www-data’s group
  • Add the users to the sudoers group

Add the users to the www-data’s group

You can create new users and add them to the www-data’s group. That way the new users will have read/write access to the folders with ownership www-data.

You’ll start by creating the user by using the adduser command

sudo adduser exampleuser

Next step would be to add the new User Account to the needed the relevant group 

 sudo usermod -a -G examplegroup exampleusername

Where the examplegroup is www-data.

Add the users to the sudoers group

You’ll start by creating the user by using the adduser command

sudo adduser exampleuser

Then use the usermod command to add the user to the sudo group 

sudo usermod -aG sudo exampleuser

Lastly, you can use test if everything was done correctly by using the su command 

sudo su - username

Once you are run you can execute something like:

sudo ls -la /etc/www/html

If the directory is listed then you are good to go.

There is something I like to point it. If you add your users to the sudoers group, they’ll have access to all files on your server not just /etc/www/html. If this is not something you want, I would suggest using the first method.

Kind regards,
Kalin D.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help