Permission problem for a user

  • Posted October 26, 2014


When i run this commands

sudo chown -R www-data:www-data /var/www

and then this one:

sudo chmod -R 775 /var/www

My user tokar86a dont have access to upload files any more in the www folder. How can i give him that access? whiteout changing the folder permission i have set above. I need to have that so wordpress works.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

So the problem is that www-data needs to have write permission to some of the files and folders you upload. It would be good to know which files WordPress requires write permission to and only give it to those files.

There is a less secure solution which involves giving write permission to only your user and www-data.

First lets take care of the initial permissions.

sudo chown -R tokar86a:www-data /var/www

Give setgid to /var/www so every file created in it will inherit it’s group ID.

sudo chmod g+s /var/www

Now make sure that uploaded files will get rw- rw- --- permissions. Open sshd_config.

sudo nano +77 /etc/ssh/sshd_config

Find the line Subsystem sftp /usr/lib/openssh/sftp-server and append -u 017 to it.

Subsystem sftp /usr/lib/openssh/sftp-server -u 017

Save the file and reload SSH to activate the modification.

sudo reload ssh

Reconnect to SFTP and the problem should be solved. Uploaded files should be owned by your user. The group should be www-data and the permission should be rw- rw- ---.

If you want to retain read permission to world you can use 013 instead of 017.

What is happening here is that the files you upload through FTP are owned by the user you used to upload with and they probably have rwx --- --- permissions so www-data can’t do anything with them.

I assume you use VSFTPD as the FTP server. In which case you can find a setting called local_umask in vsftpd.conf which probably equal with 077. That is the permission of the uploaded files.

You could change local_umask to 022 which would make the uploaded files have rwx r-x r-x and www-data would be able to read all the files.

Don’t forget to restart the FTP server after changing it’s configuration.

sudo service vsftpd restart

In a production environment I would not recommend setting local_umask in a way that gives write permissions automatically. I would give write permissions specifically by hand to the required directories and users.

If you are developing something and not deploying to a production environment you can set local_umask to 000 to speed up the process, but only do this if you doing it on a private development environment!

One possible solution is that to change the group to your user’s group. That way www-data and tokar86a will both have write permission.

sudo chown -R www-data:tokar86a /var/www

By adding both users to the same group and chowning it to that group.