osx - Force file and sub-directory permissions on OS X server

06
2014-04
  • Adam

    We have an OS X development server at work for five developers, creating mainly Symfony2 based websites. Out of the five only two of us are in the sudo group, meaning if the others had issues with permissions they wouldn't be able to just sudo fix them.

    I've put us all in a developers group, including the Apache user, and set the group of the root directory of all the websites to developers. I've also added the setgid flag, so any sub-dirs and files created within will inherit the group. This works perfect.

    The only problem is that any files or sub-directories created by Symfony2 (namely the cache and log files) are not being created with the group writeable permission. I've come across the chmod +a option, and attempted to set-up an ACL entry as so:

    sudo chmod -R +a "developers allow write" path/

    Which added a "+" to the end of the permissions list shown with ls. Unfortunately though new files are still not created with group write. Could anybody tell me what I'm doing wrong please?

    • Answers
  • heiglandreas

    Those new files will not have the group write set as the change you made only affects the ACL of the file. ACL and POSIX-Rights are two separate things!

    In my Eyes you have two options:

    • Change the umask of the web-server or
    • Set the ACL to the parent folder so that it gets inherited downwards. As the ACL gets checked first any read or write-permissions set here should be used by the server.

    The second alternative would be - in my opinion - the better one as it doesn't matter what umask is set in the PHP-Application creating your files or folders as it is set on the system level.


    • Related Question

    linux - Chmod to allow read and write permissions for directory
  • chrissygormley

    I have created directories in root. I am looking for the chmod command to allow all users read and write permissions to a specific directory. I have done chmod 775 for a file but I need this for a directory. This includes permissions on all files and sub directories.

    Thanks for any help.


    • Related Answers
  • Russ

    0775 is rarely correct for a file. The following will add the appropriate desired permissions to the appropriate type, without disturbing other existing permissions:

    find somedir \( -type d -exec chmod u+rwx,g+rwx,o+rx {} \; -o -type f -exec chmod u+rw,g+rw,o+r {} \; \)

    See the man page for find to help decipher that.

  • unwind

    For all users to have read and write access, that would be 0777 which is a bit dangerous, especially if you are running a webserver. Like @unwind said:

    chmod -R 0777 /mydirectory Will allow all users read and write access to all files and folders within that directory

    Depending on your purpose, you may want to read about sticky bits, which allow all users to create new files, but not to delete or edit other files in a directory:

    chmod +t /mydirectory

    Also, in case you didn't know man chmod will bring up the manual page for the chmod command, which you can search for the text "recursive" by typing /recursive