[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2236
  • Last Modified:

Recommended file permissions for /var/www/html

Hello Experts - Linux Newbie with a question.

I am running Fedora5 with Apache2 and have a question about file permissions.   I want to allow developers the ability to SSH in and modify files.  I am using /var/ww/html directory and each website in a subdirectory has permissions of 755 with Owner=root and Group=Apache.

When the developers SSH in they are unable to edit or modify the files.  Right now they have to SU as root.  I used webmin and changed their primary group to root but that still didn't work.  Right now they are having to su as root. I'd prefer to have them use their regular account.  I was trying not to change the permissions of the files from root:apache for fear of breaking something on the website.

1 Solution
What'd I'd do is create a new group, eg: webdev, then do

chgrp -R webdev /var/www/html
chmod -R g+w /var/www/html

then put whatever users who need edit rights to the files under /var/www/html in the webdev group.
u have to add developer user to the apache group
usermod -g developer apache

Before that delete the developer user from the root group.
Steve BinkCommented:
I use Tintin's method.  I have a group called webowner which owns all files and directories in the document roots for my various sites.  At the user level, all are owned by Apache's user.

ibu1's solution creates a vulnerability by allowing developers to change files used for the apache server itself.  No one but apache should be part of apache's group.

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now