change permissions for only one user in Apache-managed directory

0

Ok, this may look like it might be an Apache or an Owncloud question, but I think the way I want to try and solve the problem is a more generic one:

On a Mythbuntu 14.04 server box, I have Apache 2.4.7 running Owncloud. I want another application on the same system (the Amarok music player) having access to the music files managed by the Owncloud server. However, only the Apache user "www-data" has permission to read anything under /var/www/owncloud/data (they're supposed to be handled only through the Oc web interface or a sync client app). I think it wouldn't be a security problem to grant my user "ben" on that box read-only access to just the directory that contains all the music: /var/www/owncloud/data//files/Music But I don't know how to do that, or if it's even possible. chmod confuses me with the different notations, and also there's the thing of modifying permissions for just the one user. Can you help me with the right command?

Ben Opp

Posted 2014-12-30T23:49:57.163

Reputation: 105

have you added the user ben to the group that www-data is in? there should be some kind of group ownership of those files. – Optichip – 2014-12-30T23:56:37.393

@Optichip: Actually yes, I just thought of that, but maybe I did it wrong, because seemingly it didn't take effect: `ben@hermann:~$ sudo usermod -a -G www-data ben

ben@hermann:~$ groups ben adm cdrom sudo dip video plugdev netdev sambashare mythtv lpadmin` i.e. after issuing the usermod command, I'm still not a member of the group www-data – Ben Opp – 2014-12-31T00:11:14.913

check the /etc/group file and see if you can see the www-data group in there and add yourself to the line. See if that helps. – Optichip – 2014-12-31T00:50:49.833

@Optichip, actually it did work the first time, I just got the command wrong for checking it: it should have been groups ben to list the groups that my user is in, instead of just groups which simply lists the groups existing system-wide. You should convert your first comment to an answer, because it solved the problem for using standard Linux permissions tools chown/chmod. I appears that to get specifically what I was asking for (give read-only to just one user) I'd have to resort to ACLs

– Ben Opp – 2015-01-04T14:58:25.120

Answers

0

Add the user to the group www-data, this should allow the user to access the files that you need. See comments on the question if you need more information about it. sudo usermod -aG <groupname> <username> from a terminal window will add the user to the group for you.

Optichip

Posted 2014-12-30T23:49:57.163

Reputation: 649

...and groups <username> will list the groups that your user is a member of, to check whether usermod was successful. – Ben Opp – 2015-01-05T15:17:31.050

Asked: 2014-12-30T23:49:57.163

Viewed: 241 times

Active: 2015-01-04T17:49:34.130