CentOS - Nov 2022 - set default permission to deployuser:deployuser for nfs common mount point /mnt/test

On Mon, Nov 7, 2022 at 8:50 AM Kaushal Shriyan <kaushalshriyan at
gmail.com>
wrote:
> Thanks Emmett for the suggestion. I will keep you posted once it is done.
> Thanks in advance.
>
>
Hi Emmett,

I have a follow up question regarding permissions. I am running a php
application hosted on the nginx version: nginx/1.22.0
using php74-fpm-7.4.32-1.el7.ius.x86_64  running on CentOS Linux release
7.9.2009 (Core)I have this folder
/var/www/html/gsmaidp/web/sites/default/files folder which is owned by
deployuser.

*drwrwsrwx 25 deployuser deployuser  4096 Nov  9 08:23 files*

#id deployuser
uid=1001(deployuser) gid=1002(deployuser)
groups=1002(deployuser),995(nginx),994(php-fpm)

ps aux | grep php
root     27692  0.0  0.0 473296 14648 ?        Ss   09:23   0:00 php-fpm:
master process (/etc/php-fpm.conf)
nginx    27693  0.0  0.1 475476 17980 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27694  0.0  0.1 475476 16440 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27695  0.0  0.1 475476 16412 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27696  0.0  0.1 475476 16420 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27697  0.0  0.1 475492 16428 ?        S    09:23   0:00 php-fpm:
pool www

ps aux | grep nginx
root      3392  0.0  0.0  51264  1368 ?        Ss   Oct21   0:00 nginx:
master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx     3393  0.0  0.0  52356  4380 ?        S    Oct21   0:51 nginx:
worker process
nginx     3394  0.0  0.0  52396  4648 ?        S    Oct21   1:45 nginx:
worker process
nginx     3395  0.0  0.0  52488  4648 ?        S    Oct21   5:38 nginx:
worker process
nginx     3396  0.0  0.0  52500  4652 ?        S    Oct21   8:32 nginx:
worker process
nginx    27693  0.0  0.1 475476 17980 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27694  0.0  0.1 475476 16440 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27695  0.0  0.1 475476 16412 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27696  0.0  0.1 475476 16420 ?        S    09:23   0:00 php-fpm:
pool www
nginx    27697  0.0  0.1 475492 16428 ?        S    09:23   0:00 php-fpm:
pool www

Whenever any new files like images or pdf files or new subfolders created
inside /var/www/html/gsmaidp/web/sites/default/files folder by the php
application the files or subfolders have user and group ownership of nginx
user.

Is there a way to have ownership of all new files and subfolders to
deployuser created under /var/www/html/gsmaidp/web/sites/default/files. I
set SETGID (SET Group ID) flag of chmod as per below but the file is still
owned by nginx user.

#cd  /var/www/html/gsmaidp/web/sites/default/
#chmod g+s files

I also tried the ACL method but the new files and  subfolders are still
owned by nginx user.

#setfacl -Rdm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
#setfacl -Rm u:deployuser:rwx,g:deployuser:rwx,o::rwx files

#ls -l  image15.png
-rw-rw-r--+ 1 nginx nginx  387071 Nov  9 08:27 image15.png

Do i need to run any add cron entry to have consistent ownership of
deployuser for all files and subfolders created under
/var/www/html/gsmaidp/web/sites/default/files
* * * * * root chown -R  deployuser.deployuser
/var/www/html/gsmaidp/web/sites/default/files

Am I missing anything above? Please guide me. Thanks in advance.

Best Regards,

Kaushal

> On Mon, Nov 7, 2022 at 8:50 AM Kaushal Shriyan <kaushalshriyan at
gmail.com>
> wrote:
>
>> Thanks Emmett for the suggestion. I will keep you posted once it is
>> done.
>> Thanks in advance.
>>
>>
> Hi Emmett,
>
> I have a follow up question regarding permissions. I am running a php
> application hosted on the nginx version: nginx/1.22.0
> using php74-fpm-7.4.32-1.el7.ius.x86_64  running on CentOS Linux release
> 7.9.2009 (Core)I have this folder
> /var/www/html/gsmaidp/web/sites/default/files folder which is owned by
> deployuser.
>
> *drwrwsrwx 25 deployuser deployuser  4096 Nov  9 08:23 files*
>
> #id deployuser
> uid=1001(deployuser) gid=1002(deployuser)
> groups=1002(deployuser),995(nginx),994(php-fpm)
>
> ps aux | grep php
> root     27692  0.0  0.0 473296 14648 ?        Ss   09:23   0:00 php-fpm:
> master process (/etc/php-fpm.conf)
> nginx    27693  0.0  0.1 475476 17980 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27694  0.0  0.1 475476 16440 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27695  0.0  0.1 475476 16412 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27696  0.0  0.1 475476 16420 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27697  0.0  0.1 475492 16428 ?        S    09:23   0:00 php-fpm:
> pool www
>
> ps aux | grep nginx
> root      3392  0.0  0.0  51264  1368 ?        Ss   Oct21   0:00 nginx:
> master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
> nginx     3393  0.0  0.0  52356  4380 ?        S    Oct21   0:51 nginx:
> worker process
> nginx     3394  0.0  0.0  52396  4648 ?        S    Oct21   1:45 nginx:
> worker process
> nginx     3395  0.0  0.0  52488  4648 ?        S    Oct21   5:38 nginx:
> worker process
> nginx     3396  0.0  0.0  52500  4652 ?        S    Oct21   8:32 nginx:
> worker process
> nginx    27693  0.0  0.1 475476 17980 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27694  0.0  0.1 475476 16440 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27695  0.0  0.1 475476 16412 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27696  0.0  0.1 475476 16420 ?        S    09:23   0:00 php-fpm:
> pool www
> nginx    27697  0.0  0.1 475492 16428 ?        S    09:23   0:00 php-fpm:
> pool www
>
> Whenever any new files like images or pdf files or new subfolders created
> inside /var/www/html/gsmaidp/web/sites/default/files folder by the php
> application the files or subfolders have user and group ownership of nginx
> user.
>
> Is there a way to have ownership of all new files and subfolders to
> deployuser created under /var/www/html/gsmaidp/web/sites/default/files. I
> set SETGID (SET Group ID) flag of chmod as per below but the file is still
> owned by nginx user.
>
> #cd  /var/www/html/gsmaidp/web/sites/default/
> #chmod g+s files
also do chmod 2775 files
then, create a file in files/ as user nginx, it should then be owned by
nginx:deployuser

I think you can not set owner this way, only the group.
>
> I also tried the ACL method but the new files and  subfolders are still
> owned by nginx user.
>
> #setfacl -Rdm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
> #setfacl -Rm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
I guess fiddling with ACLs just makes it more complicated :)

Regards,
Simon
>
> #ls -l  image15.png
> -rw-rw-r--+ 1 nginx nginx  387071 Nov  9 08:27 image15.png
>
> Do i need to run any add cron entry to have consistent ownership of
> deployuser for all files and subfolders created under
> /var/www/html/gsmaidp/web/sites/default/files
> * * * * * root chown -R  deployuser.deployuser
> /var/www/html/gsmaidp/web/sites/default/files
>
> Am I missing anything above? Please guide me. Thanks in advance.
>
> Best Regards,
>
> Kaushal
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

Am 09.11.22 um 10:41 schrieb Kaushal Shriyan:
> On Mon, Nov 7, 2022 at 8:50 AM Kaushal Shriyan <kaushalshriyan at
gmail.com>
> wrote:
> 
> 
> #setfacl -Rdm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
> #setfacl -Rm u:deployuser:rwx,g:deployuser:rwx,o::rwx files
> 
> #ls -l  image15.png
> -rw-rw-r--+ 1 nginx nginx  387071 Nov  9 08:27 image15.png
> 

Try:

setfacl -R -m 
g:deployuser:rwX,d:g:deployuser:rwX,u:nginx:rwX,d:u:nginx:rwX /data/

--
Leon