15

I'm running an Ubuntu 14.04.1 LTS server on Digital Ocean. I'm trying to make it so I can edit files in /srv/www from my normal user account, without needing to be root.

Currently, /srv/www is owned by www-data:www-data:

sudo chown -R www-data:www-data /srv/www

I've also set the permissions on all files to 664, and on directories to 755:

sudo find /srv/www/ -type f -exec sudo chmod 644 {} \;
sudo find /srv/www/ -type d -exec sudo chmod 755 {} \;

And I added my user, shea, to the www-data group:

sudo adduser shea www-data

However, when I try to touch /srv/www/foo, I receive the following error:

touch: cannot touch ‘/srv/www/foo’: Permission denied

It works fine if I prepend sudo to that command, but I'd rather not do that all the time; plus it doesn't work over SFTP.

Changing the owner to shea:www-data allows me to write to the files, but then WordPress cannot update plugins and themes.

sudo chown -R shea:www-data /srv/www

Is there anyway that www-data and shea users can both have access to /srv/www? I was under the impression that adding both users to a group would do the trick, but I can't seem to get it working.

shea
  • 267

2 Answers2

18

You're setting 644 which is group read, not write!

sudo chown -R www-data:www-data /srv/www
sudo chmod -R g+w /srv/www
anu
  • 296
16

I had a similar problem running 16.04 on DigitalOcean. Here are the steps I followed:

  1. Give write access to the group associated with a file under /var/www/html

    sudo find /srv/www/ -type f -exec sudo chmod 664 {} \;

  2. Add myuser to the www-data group:

    sudo adduser myuser www-data

  3. Confirm permissions, e.g.: 

    ls -la /var/www/html/wp-content/themes/responsive/style.css

    gives

    -rw-rw-r-- www-data www-data 3892 Jan  1 2017 style.css

  4. Confirm group membership: id myuser gives

    uid=1000(myuser) gid=1000(myuser) groups=1000(myuser),33(www-data),110*lxd)

However, when I then tried to update style.css without sudo with my myuser account, I got a permission denied error.

Solution

I had to log out and log back in again from all sessions that were logged in as myuser before the new permissions began to take effect. Not sure why, but hope this may help anyone else in a similar situation.

pomsky
  • 70,557
morphatic
  • 261