[CentOS] set default permission to deployuser:deployuser for nfs common mount point /mnt/test

Wed Nov 9 10:08:27 UTC 2022
Kaushal Shriyan <kaushalshriyan at gmail.com>

On Wed, Nov 9, 2022 at 3:26 PM Simon Matter <simon.matter at invoca.ch> wrote:

> > On Mon, Nov 7, 2022 at 8:50 AM Kaushal Shriyan <kaushalshriyan at gmail.com
> >
> > wrote:
> >
> >> Thanks Emmett for the suggestion. I will keep you posted once it is
> >> done.
> >> Thanks in advance.
> >>
> >>
> > Hi Emmett,
> >
> > I have a follow up question regarding permissions. I am running a php
> > application hosted on the nginx version: nginx/1.22.0
> > using php74-fpm-7.4.32-1.el7.ius.x86_64  running on CentOS Linux release
> > 7.9.2009 (Core)I have this folder
> > /var/www/html/gsmaidp/web/sites/default/files folder which is owned by
> > deployuser.
> >
> > *drwrwsrwx 25 deployuser deployuser  4096 Nov  9 08:23 files*
> >
> > #id deployuser
> > uid=1001(deployuser) gid=1002(deployuser)
> > groups=1002(deployuser),995(nginx),994(php-fpm)
> >
> > ps aux | grep php
> > root     27692  0.0  0.0 473296 14648 ?        Ss   09:23   0:00 php-fpm:
> > master process (/etc/php-fpm.conf)
> > nginx    27693  0.0  0.1 475476 17980 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27694  0.0  0.1 475476 16440 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27695  0.0  0.1 475476 16412 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27696  0.0  0.1 475476 16420 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27697  0.0  0.1 475492 16428 ?        S    09:23   0:00 php-fpm:
> > pool www
> >
> > ps aux | grep nginx
> > root      3392  0.0  0.0  51264  1368 ?        Ss   Oct21   0:00 nginx:
> > master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
> > nginx     3393  0.0  0.0  52356  4380 ?        S    Oct21   0:51 nginx:
> > worker process
> > nginx     3394  0.0  0.0  52396  4648 ?        S    Oct21   1:45 nginx:
> > worker process
> > nginx     3395  0.0  0.0  52488  4648 ?        S    Oct21   5:38 nginx:
> > worker process
> > nginx     3396  0.0  0.0  52500  4652 ?        S    Oct21   8:32 nginx:
> > worker process
> > nginx    27693  0.0  0.1 475476 17980 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27694  0.0  0.1 475476 16440 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27695  0.0  0.1 475476 16412 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27696  0.0  0.1 475476 16420 ?        S    09:23   0:00 php-fpm:
> > pool www
> > nginx    27697  0.0  0.1 475492 16428 ?        S    09:23   0:00 php-fpm:
> > pool www
> >
> > Whenever any new files like images or pdf files or new subfolders created
> > inside /var/www/html/gsmaidp/web/sites/default/files folder by the php
> > application the files or subfolders have user and group ownership of
> nginx
> > user.
> >
> > Is there a way to have ownership of all new files and subfolders to
> > deployuser created under /var/www/html/gsmaidp/web/sites/default/files. I
> > set SETGID (SET Group ID) flag of chmod as per below but the file is
> still
> > owned by nginx user.
> >
> > #cd  /var/www/html/gsmaidp/web/sites/default/
> > #chmod g+s files
>
> also do chmod 2775 files
> then, create a file in files/ as user nginx, it should then be owned by
> nginx:deployuser
>
> I think you can not set owner this way, only the group.
>
> >
> > I also tried the ACL method but the new files and  subfolders are still
> > owned by nginx user.
> >
> > #setfacl -Rdm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
> > #setfacl -Rm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
>
> I guess fiddling with ACLs just makes it more complicated :)
>
> Regards,
> Simon
>
>
Thanks Simon for the email response. Is there a way to have consistent
deployuser (user and group ownership) on new files and subfolders created
inside files directory?

cd /var/www/html/gsmaidp/web/sites/default/files/

#ls -l  image15.png
-rw-rw-r--+ 1 nginx deployuser  387071 Nov  9 08:27 image15.png

to

#ls -l  image15.png
-rw-rw-r--+ 1 deployuser deployuser  387071 Nov  9 08:27 image15.png

Apologies for bugging. Please suggest further. Thanks in advance

Best Regards,

Kaushal