Permission denied while writing a file in var/www in spite of adding me to user group
Solution 1
For this situation you need to add the set-group-ID
bit on the directory /var/www/xyz
so newly created directories inside inherit group from parent.
chmod g+s /var/www/xyz
See man 2 chmod
S_ISGID (02000) set-group-ID (set process effective group ID on execve(2); mandatory locking, as described in fcntl(2); take a new file's group from parent directory, as described in chown(2) and mkdir(2))
See comments to the answer from referred post.
Edit after comment:
If you added the setgid
bit on the parent directory after the subdirectory was created:
File var/www/dodge'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 700h/1792d Inode: 1445503 Links: 8
Access: (2775/drwxrwsr-x) Uid: ( 33/www-data) Gid: ( 33/www-data)
Access: 2013-07-16 16:29:21.434531583 +0530
Modify: 2013-07-16 14:07:46.482782580 +0530
Change: 2013-07-16 16:28:04.622533850 +0530 <---added setgid
but the subdirectory was created before that:
File: /var/www/dodge/codes'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 700h/1792d Inode: 1446465 Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 1000/ wq) Gid: ( 1000/ wq)
Access: 2013-07-16 15:16:15.554661170 +0530
Modify: 2013-07-16 15:13:42.698665686 +0530
Change: 2013-07-16 15:13:42.698665686 +0530 <---before ctime above
the setgid
bit works when you create new files and directories. It will not work for any that have already been already created. So the codes
directory is still owned by wq
and group wq
and the other user has no permission to create files there; that is why you get the same error as before. Either chown
the subdirectory to set the correct group, or delete and recreate it.
chown :group /var/www/dodge/code
Solution 2
Solved this issue by adding the folder xyz
to the group var-www
. Thus, now I am able to write to the files in the sub-folders too
Related videos on Youtube
vinit
Updated on September 18, 2022Comments
-
vinit over 1 year
I gave permissions to read and write files in
/var/www
to the working user(me) through the steps given in Whats the simplest way to edit and add files to “/var/www”?. It works fine when I try to create/read file in the project directory.Say I am working in
/var/www/xyz
I am able to read and write files in this folder through a
php
code. Now, I have created a folder inside folderxyz
, sayabc
/var/www/xyz/abc
In my
php
code when I read a file situated insideabc
, it works fine, but it gives mewarning: permission denied
when I try to create a file in this folder.The exact warning is
Warning: fopen(abc/a.txt): failed to open stream: Permission denied in /var/www/xyz/code.php
I was asked to provide some output:
stat /var/www/dodge File var/www/dodge' Size: 4096 Blocks: 8 IO Block: 4096 directory Device: 700h/1792d Inode: 1445503 Links: 8 Access: (2775/drwxrwsr-x) Uid: ( 33/www-data) Gid: ( 33/www-data) Access: 2013-07-16 16:29:21.434531583 +0530 Modify: 2013-07-16 14:07:46.482782580 +0530 Change: 2013-07-16 16:28:04.622533850 +0530 Birth: - stat /var/www/xyz/abc File: /var/www/dodge/codes' Size: 4096 Blocks: 8 IO Block: 4096 directory Device: 700h/1792d Inode: 1446465 Links: 2 Access: (0775/drwxrwxr-x) Uid: ( 1000/ wq) Gid: ( 1000/ wq) Access: 2013-07-16 15:16:15.554661170 +0530 Modify: 2013-07-16 15:13:42.698665686 +0530 Change: 2013-07-16 15:13:42.698665686 +0530 Birth: -
-
Grzegorz Żur almost 11 yearsWhat is the output of
stat /var/www/xyz /var/www/xyz/abc
? -
vinit almost 11 yearsI just found out that the directory
xyz
has socket(s) permission. But the directoryabc
only has directory(d) permission. -
guntbert almost 11 yearsWelcome to Ask Ubuntu! The best way to add additional information to your question is by editing it, with the edit button. It is better visible that way, and comments are mainly for secondary, temporary purposes. Comments are removed under a variety of circumstances. Anything important to your question should be in the question itself.
-
Thomas Ward almost 11 yearsInclude the
ls -l
output on the folder in question as an edit to your question.
-
-
vinit almost 11 yearsIts not working. Still the same warning
permission denied