0

I have a deploy BASH script which runs as Jenkins CI job. It runs under the jenkins user. Deploy needs to delete old directory and replace it with new one. But there is a problem. Laravel generates the files like session or cache with chmod 644 as www-data user. It means although Jenkins is in the www-data group he can not delete the generated files cause group has only read permission.

I found something about permissions in Laravel documentation, but it does not work cause it is only for storage/app folder.

The question is is there a way to force Laravel or PHP demon to generate files with required permissions e.g. 664? Hope it is. Thanks for any help.

Čamo
  • 3,863
  • 13
  • 62
  • 114
  • Maybe something like [this](https://stackoverflow.com/a/64251935/487813) will work – apokryfos Jun 16 '21 at 15:40
  • I am not sure about it. It should be handled on www-data or Laravel level. This is not clear. – Čamo Jun 16 '21 at 16:59
  • IMO, you shouldn't try to modify the installer. Install the project files THEN change the permissions to match your use case. – LobsterBaz Jun 16 '21 at 17:32
  • The problem is not with permissions I set. The problem is with permissions which set up www-data for new files in the future. It set it up to 644 which means I as group member can not delete it. – Čamo Jun 16 '21 at 17:43

2 Answers2

1

The final solution is to set up ACL privileges for parent directory via setfacl command.

setfacl -R -dm "g:www-data:rw" /path/to/dir

This ensures the generated files will inherit the ACL privileges from parent dir.

Čamo
  • 3,863
  • 13
  • 62
  • 114
0

My straight forward solution is to run endless background script as root which find and deletes required directories every 10 seconds. It runs as nohup so it is still running although I close the terminal.

while true
do
  find /var/www -maxdepth 1 -type d -name 'deploy-old-*' -exec rm -rf {} \;
  sleep 10
done
Čamo
  • 3,863
  • 13
  • 62
  • 114