From owner-freebsd-questions@FreeBSD.ORG Sat Sep 29 22:13:45 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D8316106564A for ; Sat, 29 Sep 2012 22:13:45 +0000 (UTC) (envelope-from pschmehl_lists@tx.rr.com) Received: from cdptpa-omtalb.mail.rr.com (cdptpa-omtalb.mail.rr.com [75.180.132.120]) by mx1.freebsd.org (Postfix) with ESMTP id 988988FC0C for ; Sat, 29 Sep 2012 22:13:45 +0000 (UTC) X-Authority-Analysis: v=2.0 cv=H+ZZMpki c=1 sm=0 a=+L5dYfeubEW4PLvjDgtIXQ==:17 a=WAZfUmVf-EkA:10 a=BT3UhpxYSDkA:10 a=05ChyHeVI94A:10 a=IkcTkHD0fZMA:10 a=ayC55rCoAAAA:8 a=D5EblfWhqe8A:10 a=pGLkceISAAAA:8 a=t-qvIqfNAAAA:8 a=UdvEN9gbqWsBAELrqE0A:9 a=QEXdDO2ut3YA:10 a=ZXZb1VRfrxsA:10 a=MSl-tDqOz04A:10 a=us3QuJEASGkA:10 a=+L5dYfeubEW4PLvjDgtIXQ==:117 X-Cloudmark-Score: 0 X-Originating-IP: 76.184.157.127 Received: from [76.184.157.127] ([76.184.157.127:60096] helo=[10.0.0.240]) by cdptpa-oedge02.mail.rr.com (envelope-from ) (ecelerity 2.2.3.46 r()) with ESMTP id 4D/FC-15382-89277605; Sat, 29 Sep 2012 22:13:45 +0000 Date: Sat, 29 Sep 2012 17:13:44 -0500 From: Paul Schmehl To: Adam Vande More Message-ID: In-Reply-To: References: <6B256EAE618B4A87F4D57217@Pauls-MacBook-Pro.local> X-Mailer: Mulberry/4.0.8 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Cc: FreeBSD Questions Subject: Re: File permissions - how to "lock" a directory X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Paul Schmehl List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Sep 2012 22:13:46 -0000 --On September 29, 2012 4:59:50 PM -0500 Adam Vande More=20 wrote: > On Sat, Sep 29, 2012 at 4:41 PM, Paul Schmehl > wrote: > > > I have a particularly thorny problem I'm trying to solve, but I'll bet > FreeBSD has a solution. > > I'm running a webserver using suphp. =C2=A0It's very picky about = permissions. > It wants the web server user (www) to be the owner of all directories and > files. > > Meanwhile, the site owners want to be able to update and add files to the > site. =C2=A0When they update files everything is fine. =C2=A0When they = upload new > files, the ownership of the file is user:user instead of www:user, so > apache can't display them. > > Is there a way to "lock" a directory such that all files created in that > directory are owned by the directory owner? =C2=A0If not, I'll have to = script > something to change perms after uploads. > > > There is the suiddir option, see mount(8) and=C2=A0chmod(2). > Thanks, Adam. I see now I didn't read chmod(1) closely enough. I'm now=20 using 4770 for directories, and I hope this will solve the problem. Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. ******************************************* "It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson "There are some ideas so wrong that only a very intelligent person could believe in them." George Orwell