Setting user's group and umask has no effect
- by Andrew Vit
I'm trying to allow my "deploy" user to have access to files created by www-data:
I added "deploy" to the www-data group.
I set umask to 002.
When I run the following commands, I'm not seeing the result I expect:
deploy@ubuntu-lucid-32-generic:/var/www$ groups
www-data adm dialout cdrom plugdev lpadmin sambashare admin deploy sysadmin
deploy@ubuntu-lucid-32-generic:/var/www$ newgrp www-data
deploy@ubuntu-lucid-32-generic:/var/www$ umask
0002
deploy@ubuntu-lucid-32-generic:/var/www$ mkdir test
deploy@ubuntu-lucid-32-generic:/var/www$ ls -la test
total 0
drwxr-xr-x 1 deploy deploy 68 Nov 7 20:37 .
drwxr-xr-x 1 deploy deploy 476 Nov 7 20:37 ..
I see that:
The folder doesn't belong to the www-data group.
The folder permissions don't have group-write (775).
Note that the /var/www directory is owned by the deploy user:
drwxr-xr-x 1 deploy deploy 510 Nov 7 20:45 .
How can I give www-data selective access to directories? Or, how to share the /var/www directory with my deploy user: I don't care who owns it, as long as I can write to it, and so can www-data. (Ideally I would set up a directory with SGID access for www-data.)