0

I've added the ubuntu user to the www-data group and set the folder permissions as follows:

```
sudo gpasswd -a "$USER" www-data
find /var/www -type f -exec chmod 0640 {} \;
sudo find /var/www -type d -exec chmod 2750 {} \;
```

I can verify that ubuntu has been added to the group (running `groups` shows `ubuntu www-data`). I can access and read any files and directories in the /var/www directory as ubuntu.

I want to grant write permissions to the ubuntu user in certain directories. Running `sudo chmod -R g+w /var/www/public/uploads/` gives ubuntu access to write into this folder.

The problem is that when www-data creates new directories in /var/www/public/uploads/, ubuntu does not have permission to write in these newly created directories.

That is, when www-data creates /var/www/public/uploads/some-new-folder/, ubuntu cannot touch files in some-new-folder.

How can I change the permissions so that any files and directories created by www-data in specific paths will be writable by ubuntu as well?

Arman H
  • This may help: http://serverfault.com/questions/383734/how-do-i-set-default-umask-in-apache-on-debian – LinuxNinja Jan 28 '16 at 06:38
  • I tried setting `umask` to 002 in `/etc/apache2/envvars`, restarted Apache, also searched for other solutions involving setting the umask. Nothing worked so far, `www-data` user keeps creating new directories with `drwxr-sr-x` permissions instead of `drwxrwsr-x`. – Arman H Jan 28 '16 at 08:27

1 Answer

0

You could use the "setgid" bit of the parent folder ("uploads", in this case) and any file created within it will have the specified group membership regardless of the creator. The command is below. Here is a good post I found on "setgid": http://www.toptip.ca/2010/03/linux-setgid-on-directory.html

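Setgid with chmod:

```
sudo chgrp <your group> /var/www/public/uploads/   # chmod takes no group argument; set the group with chgrp
sudo chmod g+s /var/www/public/uploads/            # new entries inherit the directory's group
```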

Hope that helps!

  • Thanks for the reply. This works to change existing directories to be writable, but any new directories created by `www-data` user are still not writable by `ubuntu`. New folders have `drwxr-sr-x` permissions. So even though the shared group ID is present, group users still cannot write to this path. – Arman H Jan 28 '16 at 04:12
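The thread above turns on two separate mechanisms: the setgid bit on the parent decides the group of a new directory, while the umask of the creating process decides its mode bits. The following is an added example, not code from the question or the answer; it uses a throwaway temporary directory as a constructed stand-in for uploads/, and the function names `mode_of` and `new_dir_mode` are hypothetical.

```shell
#!/bin/sh
# Added example: setgid on the parent controls the GROUP of new directories,
# the umask of the process calling mkdir controls their MODE.
# Everything happens in a temporary directory (constructed stand-in for uploads/).

# Print the 10-character mode string of a path, e.g. drwxr-sr-x
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Create a setgid, group-writable parent, mkdir inside it under the given
# umask, and print the mode of the newly created directory.
new_dir_mode() {
    mask=$1
    parent=$(mktemp -d) || return 1
    chmod 2775 "$parent"                     # rwxrwsr-x, like a shared uploads/
    # Subshell so the umask change does not leak into the caller
    ( umask "$mask"; mkdir "$parent/some-new-folder" )
    mode_of "$parent/some-new-folder"
    rm -rf "$parent"
}

# umask 022 strips group write: the setgid bit is inherited, g+w is not
echo "umask 022 -> $(new_dir_mode 022)"
# umask 002 keeps group write, so group members can write to the new directory
echo "umask 002 -> $(new_dir_mode 002)"
```

The two results match the `drwxr-sr-x` and `drwxrwsr-x` modes quoted in the comments: setgid alone never adds group write, so the umask in effect inside the process that actually calls mkdir is what has to change.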