Files created from Windows box on Linux box don't get correct permissions.

[JasonLewis]

Okay, I set up samba so that it shares my /var/www directory so that I can gain access from my Windows box. The reason I did this was so that I could run NetBeans from my Windows box and edit files inside my /var/www directory.

 

I've set up multiple sites so they are all stored in /var/www/sites/<sitename>/htdocs

The problem is when I create a file from NetBeans it gives it incorrect permissions. Running ls -l from inside htdocs outputs this:

 

-rw-r--r-- 1 jason www   19 2010-09-03 18:42 index.php
drwxrws--x 3 jason www 4096 2010-09-03 18:34 nbproject
-rwxrw---- 1 jason www  511 2010-09-03 18:43 netbeans_file.php

 

index.php was created from SSH, and my linux isn't great but from looking at it index.php has read permissions for every group, and the owner can write too it (does it need execute?). However the netbeans_file.php (which was created from inside NetBeans), doesn't have any permissions for other.

 

I'm kind of lost here, I can manually assign permissions to the file from SSH (chmod 644), however I'd prefer if files gained permissions when created.

 

I'm not even sure where to start...

[trq]

Within the samba config for this directory you'll need to set the umask. Something like....

 

create mask = 022

[JasonLewis]

This is what I have, which I ended up with after following a tutorial.

 

[www]
comment = www directory
path = /var/www
public = yes
writable = yes
valid users = jason
create mask = 0771
directory mask = 0771
force user = jason
force group = www

 

So create mask should be 022?

 

I change create mask = 0771 to 022 and now when I create files I get the following permissions:

 

-----w--w- 1 jason www    0 2010-09-03 20:11 test.php

 

NetBeans also says this: Cannot lock read-only file \\jcl-webserver\www\sites\home\htdocs\test.php

 

Edit:

 

I changed the create mask to 644 and now the permissions are set to the same as when created through SSH.

I take it this is the right way?

[trq]

I'm not really a samba user but if that is giving you the desired results, we can assume it is correct.

 

I thought the mask would work the same as umask does in Linux, apparently it works exactly the opposite way.

[JasonLewis]

Okay, well its working so I shall just go with that. Cheers.

[roopurt18]

Presumably you access the files as jason and apache accesses them as www so I fail to see why you'd want other to have access in the first place.

[trq]

Apache accesses the files as www-data.

[roopurt18]

Looking at his configuration data he is using group www.  Now I agree with you in that on the Ubuntu machines I've used Apache2 runs as www-data.  However on a CentOs box I administer it runs as user and group apache2 or httpd, I forget which, but it's not www-data.

 

In any case I still stand by my statement:

If user and / or group have read and his web server runs as either that user and / or group, then there's no need to grant read access to other.

[trq]

I actually have inside information about this server (there are other threads around/ I spoke to  ProjectFear on irc) and the Apache server is running as www-data:www-data.