file permission to particular folder for a few users

Hi Friends


I want to add file edit permissions for /var/www/html to few users. How do i do that?
LVL 5
liveaspankajAsked:
Who is Participating?
 
Kerem ERSOYPresidentCommented:
Hi,

- first off just add these users in in HTTP group:
 - edit /etc/group
 - find the http group (I assume it is apache)
 - add the users to that gorup such as
 
apache:x:48:user1,user2,user3

- then locate your document root ( I assume it is /var/www/html) You can check it through your http.conf look for DocumentRoot tag.
- run this command:
  chmod -R w+g /var/www/html

- This wil enable apache group members to have the right to modify files in the document root.

This is it.

Cheers,
K.
0
 
Kerem ERSOYPresidentCommented:
Opps my bad:

chmod -R g+w /var/www/html

now that the permission on the directory should look like this

# ls -al /var/www/html
total 4660
drwxrwxr-x 36 root root  12288 Apr 25 01:44 .
drwxr-xr-x 12 root root   4096 Apr 11 18:59 ..
-rw-rw-r--  1 root root  72545 Jul 20  2009 index.html


So that any user in apache group could modify the contents.

Please note the italic parts. This is the group information writable to the group members.


0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Kerem ERSOYPresidentCommented:
@Abhishek_Chib: Only this is different since he should make the users into an existing group (apache or www depending on the distro) not to create a new group from the scratch.
0
 
liveaspankajAuthor Commented:
all lines in group file ends with ":"? i feel. do i need to end that line with colon as well.

i see an existing etry as
apache:x:48:

do i append user1,user2 to that?
0
 
Kerem ERSOYPresidentCommented:
all lines in group file ends with ":"? i feel. do i need to end that line with colon as well.

i see an existing etry as
apache:x:48:

do i append user1,user2 to that?

Yeah it should look like:
apache:x:48:user1,user2,user3

when you finish.
0
 
woolmilkporcCommented:
"man setfacl"


wmp
0
 
liveaspankajAuthor Commented:
apache:x:48:user1,user2,user3
or
apache:x:48:user1,user2,user3:


0
 
Kerem ERSOYPresidentCommented:
it should be:

apache:x:48:user1,user2,user3

you have already left the ":" where it was.
0
 
liveaspankajAuthor Commented:
[root@sp4064 pankaj]# ls -al /var/www/html/
total 88

drwxrwxr-x  7 root root 4096 May  1 09:37 .
drwxr-xr-x  6 root root 4096 Apr 25 15:30 ..
-rw-rw-r--  1 root root  135 Apr 25 10:51 abc.php
-rw-rw-r--  1 root root   57 Apr 21 10:43 abd.php
-rwxrwxr-x  1 root root    6 Mar  9 06:37 index.html
-rw-rw-r--  1 root root 5332 Mar 17 05:02 openfire.html
-rw-rw-r--  1 root root   50 Apr 21 09:41 phpinfo2.php
-rw-rw-r--  1 root root   20 Apr 21 10:15 phpinfo3.php
-rw-rw-r--  1 root root   20 Apr 21 10:35 phpinfo4.php
-rw-rw-r--  1 root root   20 Apr 21 10:41 phpinfo5.php
-rw-rw-r--  1 root root   20 Apr 21 09:22 phpinfo.php
drwxrwxr-x 11 root root 4096 May  1 09:39 phpmyadmin
drwxrwxr-x  3 root root 4096 Apr 25 15:31 svn
drwxrwxr-x  2 root root 4096 Apr 21 10:24 xmppchat
0
 
Kerem ERSOYPresidentCommented:
oh your document root has been owned by root not apache...
0
 
Kerem ERSOYPresidentCommented:
- then create a group called www


groupadd www

- Change ownership to this group :

chown -R root.www /var/www/html

- add users to this group

www:x:520:usr1,user2,user3


0
 
liveaspankajAuthor Commented:
why not do:


chown -R root.apache /var/www/html


i already have users added to apache :P
0
 
Kerem ERSOYPresidentCommented:
you'd better use chgrp instead of directly modifying the group file:

chgrp -G www user1

0
 
Kerem ERSOYPresidentCommented:
> why not do:


> chown -R root.apache /var/www/html


> i already have users added to apache :P

The daemon runs as group apache. Practically any one hacking into your system will  be able to write files and directories. The whole idea is to separate serving the files and editing the files.

0
 
liveaspankajAuthor Commented:
okiee great i will change to www then
0
 
liveaspankajAuthor Commented:
works great now
thanks
0
 
Kerem ERSOYPresidentCommented:
You're welcome
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.