unable to set constant permissions for web files

Question

I have set up 4 websites inside the /var/www/html/ folder.

• hbf-server
• hbf
• tf
• 2e

The account I use to access the server is through my account harleyfrank.

Now the permissions are root:www-data with 755 and supposed to be recursive. However, when uploading data from my account harleyfrank, it just sets permits for me, and I get an apache error because of the permissions.

I followed these websites:

• how to set permissions for all only files and for anly folders in the publick_html?
• Setting Default Permissions
• https://unix.stackexchange.com/questions/1314/how-to-set-default-file-permissions-for-all-folders-files-in-a-directory/1315#1315
• https://www.linuxquestions.org/questions/linux-desktop-74/applying-default-permissions-for-newly-created-files-within-a-specific-folder-605129/
• https://www.computerhope.com/unix/usetfacl.htm

But the weird thing is that it is applying harleyfrank:www-data with read-write permissions only to harleyfrank. I am not sure how to get it fixed.

Update 1-15-2018

Following George's answer, I tried to do a global set sudo setfacl -d -R -m u:root:rwx,g:www-data:rw,o::r /var/www/html however, it's not applying the permissions. It is still only using my username when uploading files.

Here is what the permissions are set by the ACL:

getfacl: Removing leading '/' from absolute path names
# file: var/www/html
# owner: root
# group: www-data
user::rwx
group::rwx
other::r-x
default:user::rwx
default:user:root:rwx
default:group::r-x
default:group:www-data:rw-
default:mask::rwx
default:other::r--

In one of the web folders I did ls -la and here are the results.

drwxrwxr-x+ 3 root        www-data    4096 Jan 15 19:52 .
drwxrwxr-x+ 6 root        www-data    4096 Jan 12 21:35 ..
-rwxrwxr-x  1 root        www-data     169 Jan 12 22:05 index.html
drwxrwxr-x+ 9 root        www-data    4096 Jan 12 23:16 projects
-rw-rw-r--+ 1 harleyfrank harleyfrank  871 Jan 15 19:52 test_results.txt

I uploaded test_results.txt, and it is not reading within apache as it says I do not have permissions to view the file. However, it shows read permissions in the other's group. Maybe apache2 is running everything with www-data?

Answer 1

To fix it use the setfacl comamnd to set the permissions and default owners:

sudo setfacl -d -R -m u:harleyfrank:rwX,g:www-data:rwX,o::r /var/www/html

Info:

• -d: set as default so new folders will inherit it automatically
• -R: recursive
• -m: modify existing permissions and ownerships
• u:harleyfrank:rwX: give user root rwx on the folders and files
• g:www-data:rwX: give user www-data rwX on the folders
• o::r: give others read rights on folders