Sunday, October 4, 2015

How do I set default umask in Apache on Debian?



I need files created by apache2 to have umask 002, i.e. group rw, by default.



I've tried putting umask 002 in /etc/apache2/envvars and although this script does get executed as part of apache start up (apache2ctl graceful) the umask has no effect. Presumably somewhere further in the start up process (e.g. when the user is downgraded from root to www-data) there's somewhere better to put this.




I've read posts about Fedora and one suggesting putting umask in /etc/init.d/apache2 but neither of these apply/work in Debian (Squeeze).



Can you help?


Answer



To be sure that the umask setting takes effect please use a simple test and do not use any other web application for this. It might be the case that these application change the rights independently from the umask setting of Apache.



Simple test PHP script:




if ($fp = fopen(time() . '.txt', 'w')) {
fwrite($fp, 'This is a simple test.');
fclose($fp);
echo "done";
} else {
echo "error - cannot create file";
}
?>



Take care that the user www-data has write access to the folder where you have installed this simple test file.



To have the new umask running, check if the file /etc/apache2/envvars will be used within your Apache start file /etc/init.d/apache2 :



...
PIDFILE=$(. /etc/apache2/envvars && echo $APACHE_PID_FILE)
...


Set your umask in /etc/apache2/envvars :




...
# umask 002 to create files with 0664 and folders with 0775
umask 002


Restart your Apache :



service apache2 restart



Check the difference :



#> ls -l *.txt
-rw-rw-r-- 1 www-data www-data 14 2012-05-01 15:56 1335880583.txt
-rw-r--r-- 1 www-data www-data 14 2012-05-01 15:55 1335880540.txt

No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...