How can I give write-access of a folder to all users in linux?
I installed apache2 on Ubuntu just now, and noticed that the /var/www folder is protected. I can just sudo everything but I would rather just give it write access. How can I do this? I tried sudo chmod 7777 /var/www but it didn’t work.
Is this a publicly accessible server, or does it have no direct connection to the internet? If the former it is important that you consider security decisions — servers on the internet are constantly under attack (have a look in your /var/log/messages or equivalent).
8 Answers 8
To best share with multiple users who should be able to write in /var/www , it should be assigned a common group. For example the default group for web content on Ubuntu and Debian is www-data . Make sure all the users who need write access to /var/www are in this group.
Then set the correct permissions on /var/www.
sudo chgrp -R www-data /var/www sudo chmod -R g+w /var/www Additionally, you should make the directory and all directories below it «set GID», so that all new files and directories created under /var/www are owned by the www-data group.
sudo find /var/www -type d -exec chmod 2775 <> \; Find all files in /var/www and add read and write permission for owner and group:
sudo find /var/www -type f -exec chmod ug+rw <> \; You might have to log out and log back in to be able to make changes if you’re editing permission for your own account.
That is how you give access to it. It’s quicker to copy and paste the commands than try to navigate through a GUI file manager’s dialogs to do the same thing. Long term it helps you if you read the manual pages for chmod and chgrp, at least («man chmod»).
+1 for guid to force apache permissions. works well with umask of 027. If something needs writes access, it’s as easy as chmod g+w dir/
There’s a simpler way to do this, try doing this command.
Essentially, the chmod command alters permissions and the -R switch affects all users. Then it is simply giving the correct permissions to use.
You can also replicate what jtimberman suggested using access control lists. The setfacl command accepts -s to replace an existing ACL or -m to modify it; -R to make directory ACLs recursive; and -d to make the specified settings the default, which is useful if you’re anticipating forthcoming user accounts.
These just set the permissions as you would for the user, group, other, and mask using chmod:
setfacl -m u::rwx, g::r-x, o::---, m:rwx DIRECTORY And this could be how you’d do it for a specified user or his/her group:
setfacl -m u:USERNAME:rwx, g:USERNAME:r-x DIRECTORY And of course, the strength is that you can designate any specific user, multiple users, etc., all without having to modify your group settings. And unlike chmod, if you want some groupies to have access to one directory and other groupies to have access only to another, it’s actually possible with setfacl. Finally, to view a directory’s ACLs, run getfacl:
And you can specify -R to see the ACLs for subdirectories or -d to see the defaults.
Give user write access to folder [duplicate]
This will make the user & group testuser the owner of the file. IF YOU ARE USING A DIFFERENT USERNAME (run whoami or look before the @ of your terminal promp, or be lazy and replace testuser with $USER ), use that username instead. For instance user Flora colossus may have the username groot , in which case you would run sudo chown -R groot:groot . . If in doubt use the manual pages linked below.
or to use chmod (read and use carefully):
sudo chmod -R 777 /var/www/test/public_html Which will allow read-write-execute permissions for the owner, group, and any other users. The execute bit is required for directories to work, files can get by with 666 permissions (strictly speaking most files shouldnt need the execute permission, but this is least likely to break stuff and does not require find etc). chmod is much more difficult to ‘undo’ if needed that the other options.
Here are manual pages on chown and chmod (these can also be found by running man chown and man chmod .)
I should add you can give groups of users write access as well (examples here and here).
Also beware giving global write access with the chmod command if you have not as trustworthy users/scripts running on the server etc — I recommend changing the group or the user permissions instead. If using chmod please read up on this and understand what it is doing.
Allowing a group Read-Write Access to a directory
I have two users, user1 and user2, that are both members of groupA. user2 has a folder in their home directory called folderA. If they wish to allow read-write-execute permissions for all members of groupA, how would they do this? What if folderA contains many files and additional folders that also need to have read-write-execute permission? Information regarding groups is a little ‘spotty’ across the web, so I am putting my question here in the hope someone posts a clear answer that might help others out too. Thanks!
2 Answers 2
FolderA will first need to be part of groupA — the folder’s owner or root can perform this operation
Then groupA will need rwx permissions of the folder
There are options in the chgrp and chmod commands to recurse into the directory if required.
I originally tried chown :groupname ./folder and that didnt work — as in it changed the group, but didn’t give any effective permissions
didn’t worked for me also. Folder somehow can not give write permissions to a group. Whatever I have tried.
@pbhj That has not been my experience, although I will admit to not having great depth of experience. I do need to logout/in if I have altered the user or group — the login does not pickup altered permissions until the next login. But altered file and directory permissions work immediately for me.
My own experience in this area here. Tested on Ubuntu 18.04.
Allow to write in the system folder
Give write permission to /etc/nginx/ folder.
# Check 'webmasters' group doen't exist cat /etc/group | grep webmasters # Create 'webmasters' group sudo addgroup webmasters # Add users to 'webmasters' group sudo usermod -a -G webmasters username sudo usermod -a -G webmasters vozman sudo usermod -a -G webmasters romanroskach # Group assignment changes won't take effect # until the users log out and back in. # Create directory sudo mkdir /etc/nginx/ # Check directory permissions ls -al /etc | grep nginx drwxr-xr-x 2 root root 4096 Dec 5 18:30 nginx # Change group owner of the directory sudo chgrp -R webmasters /etc/nginx/ # Check that the group owner is changed ls -al /etc | grep nginx drwxr-xr-x 2 root webmasters 4096 Dec 5 18:30 nginx # Give write permission to the group sudo chmod -R g+w /etc/nginx/ # Check ls -al /etc | grep nginx drwxrwxr-x 2 root webmasters 4096 Dec 5 18:30 nginx # Try to create file sudo -u username touch /etc/nginx/test.txt # should work sudo -u username touch /etc/test.txt # Permission denied Give write permission to /etc/systemd/system/ folder.
# List ACLs getfacl /etc/systemd/system getfacl: Removing leading '/' from absolute path names # file: etc/systemd/system # owner: root # group: root user::rwx group::r-x other::r-x # Add 'webmasters' group to an ACL sudo setfacl -m g:webmasters:rwx /etc/systemd/system # Check getfacl /etc/systemd/system getfacl: Removing leading '/' from absolute path names # file: etc/systemd/system # owner: root # group: root user::rwx group::r-x group:webmasters:rwx mask::rwx other::r-x sudo -u username touch /etc/systemd/system/test.txt # should work sudo -u username touch /etc/systemd/test.txt # Permission denied