• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 289
  • Last Modified:

file permission to particular folder for a few users

Hi Friends


I want to add file edit permissions for /var/www/html to few users. How do i do that?
0
liveaspankaj
Asked:
liveaspankaj
2 Solutions
 
Kerem ERSOYPresidentCommented:
Hi,

- first off just add these users in in HTTP group:
 - edit /etc/group
 - find the http group (I assume it is apache)
 - add the users to that gorup such as
 
apache:x:48:user1,user2,user3

- then locate your document root ( I assume it is /var/www/html) You can check it through your http.conf look for DocumentRoot tag.
- run this command:
  chmod -R w+g /var/www/html

- This wil enable apache group members to have the right to modify files in the document root.

This is it.

Cheers,
K.
0
 
Kerem ERSOYPresidentCommented:
Opps my bad:

chmod -R g+w /var/www/html

now that the permission on the directory should look like this

# ls -al /var/www/html
total 4660
drwxrwxr-x 36 root root  12288 Apr 25 01:44 .
drwxr-xr-x 12 root root   4096 Apr 11 18:59 ..
-rw-rw-r--  1 root root  72545 Jul 20  2009 index.html


So that any user in apache group could modify the contents.

Please note the italic parts. This is the group information writable to the group members.


0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Kerem ERSOYPresidentCommented:
@Abhishek_Chib: Only this is different since he should make the users into an existing group (apache or www depending on the distro) not to create a new group from the scratch.
0
 
liveaspankajAuthor Commented:
all lines in group file ends with ":"? i feel. do i need to end that line with colon as well.

i see an existing etry as
apache:x:48:

do i append user1,user2 to that?
0
 
Kerem ERSOYPresidentCommented:
all lines in group file ends with ":"? i feel. do i need to end that line with colon as well.

i see an existing etry as
apache:x:48:

do i append user1,user2 to that?

Yeah it should look like:
apache:x:48:user1,user2,user3

when you finish.
0
 
woolmilkporcCommented:
"man setfacl"


wmp
0
 
liveaspankajAuthor Commented:
apache:x:48:user1,user2,user3
or
apache:x:48:user1,user2,user3:


0
 
Kerem ERSOYPresidentCommented:
it should be:

apache:x:48:user1,user2,user3

you have already left the ":" where it was.
0
 
liveaspankajAuthor Commented:
[root@sp4064 pankaj]# ls -al /var/www/html/
total 88

drwxrwxr-x  7 root root 4096 May  1 09:37 .
drwxr-xr-x  6 root root 4096 Apr 25 15:30 ..
-rw-rw-r--  1 root root  135 Apr 25 10:51 abc.php
-rw-rw-r--  1 root root   57 Apr 21 10:43 abd.php
-rwxrwxr-x  1 root root    6 Mar  9 06:37 index.html
-rw-rw-r--  1 root root 5332 Mar 17 05:02 openfire.html
-rw-rw-r--  1 root root   50 Apr 21 09:41 phpinfo2.php
-rw-rw-r--  1 root root   20 Apr 21 10:15 phpinfo3.php
-rw-rw-r--  1 root root   20 Apr 21 10:35 phpinfo4.php
-rw-rw-r--  1 root root   20 Apr 21 10:41 phpinfo5.php
-rw-rw-r--  1 root root   20 Apr 21 09:22 phpinfo.php
drwxrwxr-x 11 root root 4096 May  1 09:39 phpmyadmin
drwxrwxr-x  3 root root 4096 Apr 25 15:31 svn
drwxrwxr-x  2 root root 4096 Apr 21 10:24 xmppchat
0
 
Kerem ERSOYPresidentCommented:
oh your document root has been owned by root not apache...
0
 
Kerem ERSOYPresidentCommented:
- then create a group called www


groupadd www

- Change ownership to this group :

chown -R root.www /var/www/html

- add users to this group

www:x:520:usr1,user2,user3


0
 
liveaspankajAuthor Commented:
why not do:


chown -R root.apache /var/www/html


i already have users added to apache :P
0
 
Kerem ERSOYPresidentCommented:
you'd better use chgrp instead of directly modifying the group file:

chgrp -G www user1

0
 
Kerem ERSOYPresidentCommented:
> why not do:


> chown -R root.apache /var/www/html


> i already have users added to apache :P

The daemon runs as group apache. Practically any one hacking into your system will  be able to write files and directories. The whole idea is to separate serving the files and editing the files.

0
 
liveaspankajAuthor Commented:
okiee great i will change to www then
0
 
liveaspankajAuthor Commented:
works great now
thanks
0
 
Kerem ERSOYPresidentCommented:
You're welcome
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now