Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clean up /var/www/drupal file/dir permissions #67

Closed
ksclarke opened this issue May 26, 2015 · 5 comments
Closed

Clean up /var/www/drupal file/dir permissions #67

ksclarke opened this issue May 26, 2015 · 5 comments
Labels
enhancement

Comments

@ksclarke
Copy link
Contributor

I'd say that the Drupal directory structure at the end of the build should be owned/writeable by vagrant and be readable by the www-data group (with the exception of 'files' which needs to be writeable by the web user: www-data). Other thoughts? I see there is a "web" group that vagrant, tomcat7, and apache/www-data are in. As it is now on the file system, some things are vagrant:vagrant, some are root:root, and some are vagrant:web.

This is just to start the discussion about how we can end up with a consistent permissions scheme after installation.
@ruebot
Copy link
Contributor

ruebot commented May 27, 2015

My intent, that isn't fully implemented, is that fedora configs and drupal site are all owned by vagrant:web and 775. Just to make things easier for development.

@ksclarke
Copy link
Contributor Author

Thanks @ruebot

So why not 755? As you know, my end goal is to be able to reuse the scripts with Packer and it would be better (I'm told by the sysadmins) not to have the web user be able to write to the files it serves (the exception being the 'files' dirs). I know this isn't as much of a concern on a temporary dev box that goes up and down as needed, but I'm wondering if there is a reason not to use 755(?)

I also don't have a problem with 'web' being the group, but I'm curious why you didn't use www-data for it? Was there a particular reason?

@ruebot
Copy link
Contributor

ruebot commented May 27, 2015

What if we made this a variable for #70?

@ksclarke
Copy link
Contributor Author

The user group or the permissions? I'm not sure it makes as much sense to expose the group and file permissions as variables. There will already by a lot of them and I'm more inclined to try and limit the number of variables (to avoid variable fatigue -- is that a thing? -- for people setting up the system).

I'm fine with this ticket being about consistency and 775/vagrant:web are fine with me if that's what we land on... I do see this build as having a different audience from the (hypothetical) Packer build. I guess I was more interested in the reasoning (and more, in particular, the reasoning being the group choice).

@ruebot
Copy link
Contributor

ruebot commented May 28, 2015

Actually, I'm not sure what I was thinking. 755 makes complete sense, and the files dir should be 775. I blame lack of sleep from jet lag 😄

@ruebot ruebot closed this as completed in 63a78f9 Jun 4, 2015
ruebot added a commit that referenced this issue Jun 4, 2015
@ruebot
One last thing for #67.
46b5202
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ksclarke @ruebot