tork Posted April 24, 2017 Share Posted April 24, 2017 I have an AWS EC2 linux instance running a PHP app for use by anyone from their browser, and developed by myself as owner. The directory tree is: /var /var/www /var/www/html /var/www/html/AWS_s /var/www/html/AWS_s/nm-app /var/www/html/AWS_s/cr-app The owner, groups & permissions are: drwxrwsr-x 10 root www 4096 Dec 25 01:03 /var/www drwxrwsr-x 5 root www 4096 Feb 26 22:42 /var/www/html drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_s drwxr-xr-x 7 ec2-user www 4096 Feb 24 20:29 /var/www/html/AWS_s/nm-app drwxr-xr-x 4 ec2-user ec2-user 4096 Apr 9 19:05 /var/www/html/AWS_s/cr-app Any ideas as to why /cr-app was automatically given the group ec2-user rather than the same group as nm-app which is www? I have not changed any groups. Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/ Share on other sites More sharing options...
requinix Posted April 24, 2017 Share Posted April 24, 2017 Apparently the ec2-user created that directory. It's not like ownership is inherited from the parent. Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545847 Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 Ok. As the user, I ran the following: mkdir /var/www/html/html-sub-dir-by-sudo /bin/ls -latrd /var/www/html/html-sub-dir-by-sudo drwxrwsr-x 2 ec2-user www 4096 Apr 24 19:09 /var/www/html/html-sub-dir-by-sudo id ec2-user uid=500(ec2-user) gid=500(ec2-user) groups=500(ec2-user),10(wheel),501(www) Still got www instead of ec2-user. Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545852 Share on other sites More sharing options...
requinix Posted April 24, 2017 Share Posted April 24, 2017 On 4/24/2017 at 7:14 PM, requinix said: It's not like ownership is inherited from the parent.lol It's not inherited unless the setgid bit is set. And drwxrwsr-x 10 root www 4096 Dec 25 01:03 /var/wwwthat's what the 's' in the g+x place means. It's so infrequently used that I didn't even notice it was there... Having that set is actually a useful thing so don't remove it. Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545853 Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_s drwxr-xr-x 7 ec2-user www 4096 Feb 24 20:29 /var/www/html/AWS_s/nm-app drwxr-xr-x 4 ec2-user ec2-user 4096 Apr 9 19:05 /var/www/html/AWS_s/cr-app nm-app and cr-app have the same parent AWS_s. The setgid is set in AWS_s's parent html. Why then do nm-app and cr-app's groups differ? Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545854 Share on other sites More sharing options...
requinix Posted April 24, 2017 Share Posted April 24, 2017 drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_ssetgid is not set for AWS_s. Probably was removed. Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545855 Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 (edited) Perhaps this is why gidset wasn't set .. I'm not sure where I created each directory .. # Directory created on aws: # File has group www /bin/ls -latrd /var/www/test_dir_new_aws drwxrwsr-x 2 ec2-user www 4096 Apr 24 20:52 /var/www/test_dir_new_aws # Directory transferred by ftp: # File has group www /bin/ls -latrd /var/www/test_dir_new_ftp drwxr-xr-x 2 ec2-user www 4096 Apr 24 20:52 /var/www/test_dir_new_ftp Edited April 24, 2017 by tork Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545857 Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 And indeed, I may have changed gidset along the way, since the AWS_s and AWS_s/nm-app were created in Feb, whereas AWS_s/cr-app was created in Apr Nicely spotted Forgotten Administartor Quote Link to comment https://forums.phpfreaks.com/topic/303798-aws-ec2-for-php-app-question-on-group/#findComment-1545858 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.