Apache is not respecting my default permissions when writing files

Question

I'm using Laravel, and whenever the logs or the cache is being written to the storage folder, it's giving 755 permissions, and creating the owner as daemon. I have run sudo chown -R username:username app/storage and sudo chmod -R 775 app/storage numerous times. I have even added username to the group daemon and daemon to the group username.

But, it still writes files as daemon, and with 755 permissions, meaning that username can't write to it.

What am I doing wrong?

This wasn't happening with another Laravel project, so I can't be too sure. I am completely dumbfounded. How would I check if umask is, in fact, causing this? — timetofly, Mar 25 '14 at 16:34
Afaik, whenever Apache writes stuff it writes them under the User and Group specified in the httpd.conf. Simple check for `User x` and `Group x` directives. — Aziz Saleh, Mar 25 '14 at 16:57
@AzizSaleh Yeah, it uses `daemon` for both. This honestly wouldn't be a problem if it just used the 775 permission, as required. The 755 is the real problem here =\ — timetofly, Mar 25 '14 at 17:24
for checking umask: simply write to any file in storage output of `umask()` (-; — Michael Livach, Mar 25 '14 at 17:53
@MichaelLivach umask appears to be 18, but running in the terminal shows 22. Why the difference? Could this be the problem? — timetofly, Mar 25 '14 at 18:24

score 3 · Accepted Answer · edited May 23 '17 at 10:27

This one has also been bugging me for a while but I was too busy to hunt down a solution. Your question got me motivated to fix it. I found the answer on Stack Overflow.

In short, the solution is to change the umask of the Apache process. The link above mentions two possible places to make the change: you add umask 002 to

/etc/init.d/apache2
/etc/apache2/envvars (Debian/Ubuntu) or /etc/sysconfig/httpd (CentOS/Red Hat), or

Edit

I recently upgraded from Ubuntu 12.04 32-bit to 14.04 64-bit and, to my great irritation, I could not get this to work. It worked for some PHP scripts but not others - specifically, a short test script I wrote worked fine, but the Laravel caching code did not. A co-worker put me on to another solution: bindfs.

By mounting my project directory (/var/www/project) in my home directory (~/project) with the appropriate user mapping, all my problems were solved. Here's my fstab entry:

/var/www/project  /home/username/project  fuse.bindfs  map=www-data/username:@www-data/@usergroup

Now I work in ~/project - everything looks like it's owned by username:usergroup and all filesystem changes work as if I own the files. But if I ls -la /var/www/project/, everything is actually owned by www-data:www-data.

Perhaps this is an overly-complicated solution, but if you have trouble getting the umask solution to work, this is another approach.

score 0 · Answer 2 · answered Mar 25 '14 at 18:05

0

In this instance Apache isn't doing anything wrong. Apache reads and writes files based on the User and Group settings in its configuration file. The configuration file in question is like /etc/httpd/conf/httpd.conf but the location and even name differs depending on the system you're using.

It's also worth noting, that if you're running PHP as something such as FastCGI, then it'll use the user that FastCGI is set to use, seeing as that is the bit that modifies and creates files, not Apache.

answered Mar 25 '14 at 18:05

ollieread

6,018
1
20
36

This is all on my local developing machine, and I'm not running FastCGI. As I said in the comments above, the user and group doesn't seem to be the problem, but the file permissions. They're created as 755, but I chmod'd the whole storage directory to 775. My user is part of the `daemon` group, so having it 775 would be optimal. – timetofly Mar 25 '14 at 18:26

Apache is not respecting my default permissions when writing files

2 Answers2

Edit