1

I'm setting up a new web server, and getting some issues with folder perms when generating a new symfony project.

All my websites are located into /var/www
My symfony installer is located in /usr/local/bin/symfony
And this my my symfony installer ownership and perms:
-rwxr-xr-x 1 root staff 233229 Oct 11 00:56 symfony

Here is what I did on my website main folder :
chown :www-data /var/www/
chmod g+s /var/www/
setfacl u:my-user:rwx,d:u:my-user:rwx,g:www-data:rwx,d:g:www-data:rwx /var/www

When uploading file, everything is fine, group and perms are inherited correctly.

The problem is when I generate a new symfony project with the following command while located into /var/www:
symfony new my_project

This is the project folder perms:
drwxr-xr-x 9 501 root 4096 Oct 15 00:20 test

And the perms inside the project folder:
drwxr-xr-x 4 501 staff 4096 Oct 15 00:20 app
drwxr-xr-x 2 501 staff 4096 Oct 15 00:20 bin
-rw-rw-rw- 1 root root 2032 Oct 15 00:20 composer.json
-rw-rw-rw- 1 root root 74614 Oct 15 00:20 composer.lock
-rw-rw-rw- 1 root root 248 Oct 15 00:20 .gitignore
-rw-r--r-- 1 501 staff 978 Oct 3 21:12 phpunit.xml.dist
-rw-rw-rw- 1 root root 68 Oct 15 00:20 README.md
drwxr-xr-x 3 501 staff 4096 Oct 15 00:20 src
drwxr-xr-x 3 501 staff 4096 Oct 15 00:20 tests
drwxr-xr-x 5 501 staff 4096 Oct 15 00:20 var
drwxr-xr-x 15 501 root 4096 Oct 15 00:20 vendor
drwxr-xr-x 3 501 staff 4096 Oct 3 21:14 web

ACL aren't inherited at all. After a lookup, 501 seems to be the daemon user.

How can I fix this issue?

Preciel
  • 2,666
  • 3
  • 20
  • 45
  • Looks wired with that `root staff` in it. Try `sudo chown staff.staff /usr/local/bin/symfony` then `sudo chmod 755 /usr/local/bin/symfony` (or `sudo chmod +rx /usr/local/bin/symfony`. And also I think you need to change to ownership of you `/var/www/` directory, as `staff.staff` or I think once you'll install projects with symfony's command, the new created directories inside `/var/www/` will gain automatically the ownership applied through symfony. Not sure though. – Dan Costinel Oct 15 '16 at 02:14

1 Answers1

1

You need to use recursive Preciel.

Try:

setfacl -R ...

Also the commands you used sets the permission for /var/www, but nothing underneath that!

Alvin Bunk
  • 7,621
  • 3
  • 29
  • 45
  • That would be if I wanted to set the ACL to existing sub folders. Here it's about inherit existing ACL & Group. Also, `chown g+s` is what make the group inherit to new sub folders and files. And last, just like I said, when I upload file, vie ftp or shh, group a perms are inherited just fine... The problem is somewhere else. – Preciel Oct 14 '16 at 23:06
  • 1
    That is a dilemma. I see [from this post](http://unix.stackexchange.com/questions/182212/chmod-gs-command) that for files that are `moved` to the directory are unaffected by the setguid settings. Maybe one solution is to create your Symfony project in another folder and then copy them over. But that might not work for you... – Alvin Bunk Oct 14 '16 at 23:19
  • Somehow got an idea... Is it possible to monitor the `/var/www` folder, and each time a new folder (not a file) is created, moved or copied, it apply perms after a few secs?! – Preciel Oct 15 '16 at 00:44
  • Why don't you try it? – Alvin Bunk Oct 15 '16 at 20:17
  • Because I don't know how to do it I guess.. haha – Preciel Oct 15 '16 at 22:48
  • 1
    I think you might need to repost a different question for that. But this might help you: [spawn process after a delay](http://stackoverflow.com/questions/1915062/shell-script-spawning-a-process-after-a-delay) [check if directory exists](http://stackoverflow.com/questions/59838/check-if-a-directory-exists-in-a-shell-script) So, don't you think I've helped you a few times? Do I at least deserve a thumbs up? – Alvin Bunk Oct 16 '16 at 01:08
  • Ahah... Well, the `setfack -R` should be a thumb down... :P But I will at least thumb up the comments... ;) Thanks for the posts, I will check them out – Preciel Oct 16 '16 at 01:53