SFTP permission denied on files owned by www-data
- by Charles Roper
I have a pretty standard server set up running Apache and PHP. An app I am running creates files and these are owned by the Apache user www-data. Files that I upload via SFTP are owned by my own user charlesr. All files are part of the www-data group. My problem is that I cannot modify or overwrite any of the files via SFTP which are owned by www-data, even though charlesr is part of the www-data group. I can modify the files no problem via a SSH session.
So I'm not sure what to do. How do I give my SFTP session permissions to modify www-data owned files?
For a bit of background, these are the notes I wrote for myself when setting-up the server:
Now set up permissions on `/var/www` where your files are served from by
default:
$ sudo adduser $USER www-data
$ sudo chgrp -R www-data /var/www
$ sudo chmod -R g+rw /var/www
$ sudo chmod -R g+s /var/www
Now log out and log in again to make the changes take hold.
The previous set of commands does the following:
1. adds the current user ($USER) to the `www-data` group;
2. changes `/var/www` to belong to the `www-data` group;
3. adds read/write permissions to the group that `/var/www` belongs to;
4. sets the SGID bit on `/var/www`; this final point bears some explaining.
And then I go on to explain to myself what setting the SGID bit means (i.e. all files created in /var/www become part of the www-data group automatically).
Btw, nothing feels sweeter than going back and reading your own
detailed notes on the what, how and why of your own server set up when
trying to troubleshoot like this - I recommend it highly to all
beginners like myself :-)
