On Mi, 22 sep 21, 00:15:48, Paul M. Foster wrote: > > On 9/21/21 11:42 PM, Georgi Naplatanov wrote: > > > > you can create a user group, add all developers to it and give this > > group permissions to read and write to that particular folder > > (/var/www/html/website). > > > This is more or less the solution I tried. However, when a user creates a > file on this system, the permissions are (for example) paulf:paulf. This > means that, despite the directory permissions, other users won't be able to > modify the file normally (assuming a system umask of 022).
Changing the umask to 002 is a must in this setup. > However, I did just read an excellent explanation of the setgid bit, which > apparently, sets the GID of a created file to that of the directory, rather > than the file's creator. This might work. I haven't tested it yet. It works, but it's a pain to setup, because it still needs umask 002 for all users and there are so many places to change the umask. This might sound like heresy, but depending on your storage and permissions needs it is much easier to use a NTFS[1] partition as the backend, because you can enforce correct permissions and file/directory masks via mount options. I'd be happy to learn about a comparable alternative. [1] or even VFAT, but it's probably a bad idea to use that for anything but the few very specific cases where you can't use anything else. Hope this helps, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
signature.asc
Description: PGP signature
