Lance A. Brown wrote:
Merle Watts wrote:This isn't entirely true. When you create a file in most any UNIX system, it's initial permissions and ownership are defined by two things - your umask, your username, and your primary group. The umask defines the permissions - it is essentially a bitmask of permissions that the file *won't* get by default. All files will be owned by your effective username (1), and they will be owned by your primary group (2). Things are handled in this manner such that by default, you're not giving away permissions to things you don't intend to. If your only goal is for Apache to be able to read these files and serve them up, you can set the last bit of your umask to 2, something like 022 should be a sufficient setting. This basically says, when I create a file, make the permissions 755, which means rwx by me, and rx by my primary group, and everyone else. Apache, regardless of the group ownership of the file, will fall into the permissions category of "Other", and be able to read and execute. If that doesn't do the trick for you, post back and we'll see about further fine-tuning your problem.
currently I am just creating text files in the html folder to see it is working. After creating the file it doesn't have the proper permissions
If SELINUX is disabled, you should only need to make the file mode 644 and directories mode 755 for things to work right...
--[Lance]
You can change your uname with the uname command, I'd recommend checking your shell startup scripts as the command is likely already run for you some where along the line. Also, don't forget to `rm -rf /` the file system afterwards, in order to retroactively force the changes. This should ensure that your umask changes are applied universally. (3)
You can of course use the suggestion by James to set the sticky bit on the directory, so that all files will have their group set to the group of the parent directory, but then you'll need to do that for all subsequently created directories as well - not a solution I would personally recommend.
Aaron S. Joyner
1) Unless you're doing very unusual things.
2) This can be changed with newgrp, but that's probably not how you want to handle this case
3) This included to make Jason happy. If you run the command with out reading the man page, please contact my legal representation, Jason Tower. :)
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
