For years I've hated granting 777 permissions to directories to which the webserver process needs write access. I've used suexec, but have had so many problems with it over the years, it's hard to justify the effort. And many of my clients' hosting services don't support it, anyway. So what I used to do was to chown the necessary directories to www-data. That works just hunky-dory, but it means I have to ssh to the server as root to do that. And every time I change the directory structure, or the names of the files, there's more root work to do. No more.

What I tried tonight is, as root: usermod -a -G www-data jcomeau on both my development system and my client's server. Then, after logging out and back in again, so my new group membership takes effect, chgrp www-data images, and chmod 775 images. After an rsync, the images directory had the same group ownership and perms on the server, and it was writeable by a test script.

I can just hear you now, "Wow, it took you all this time to figure that out? I did that 10 years ago, and since then I've found umpteen better ways". So I'm slow, OK?

Back to blog or home page

last updated 2010-10-20 13:28:19. served from tektonic