tork Posted April 24, 2017 Share Posted April 24, 2017 I have an AWS EC2 linux instance running a PHP app for use by anyone from their browser, and developed by myself as owner. The directory tree is: /var /var/www /var/www/html /var/www/html/AWS_s /var/www/html/AWS_s/nm-app /var/www/html/AWS_s/cr-app The owner, groups & permissions are: drwxrwsr-x 10 root www 4096 Dec 25 01:03 /var/www drwxrwsr-x 5 root www 4096 Feb 26 22:42 /var/www/html drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_s drwxr-xr-x 7 ec2-user www 4096 Feb 24 20:29 /var/www/html/AWS_s/nm-app drwxr-xr-x 4 ec2-user ec2-user 4096 Apr 9 19:05 /var/www/html/AWS_s/cr-app Any ideas as to why /cr-app was automatically given the group ec2-user rather than the same group as nm-app which is www? I have not changed any groups. Link to comment Share on other sites More sharing options...
requinix Posted April 24, 2017 Share Posted April 24, 2017 Apparently the ec2-user created that directory. It's not like ownership is inherited from the parent. Link to comment Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 Ok. As the user, I ran the following: mkdir /var/www/html/html-sub-dir-by-sudo /bin/ls -latrd /var/www/html/html-sub-dir-by-sudo drwxrwsr-x 2 ec2-user www 4096 Apr 24 19:09 /var/www/html/html-sub-dir-by-sudo id ec2-user uid=500(ec2-user) gid=500(ec2-user) groups=500(ec2-user),10(wheel),501(www) Still got www instead of ec2-user. Link to comment Share on other sites More sharing options...
requinix Posted April 24, 2017 Share Posted April 24, 2017 It's not like ownership is inherited from the parent.lol It's not inherited unless the setgid bit is set. And drwxrwsr-x 10 root www 4096 Dec 25 01:03 /var/wwwthat's what the 's' in the g+x place means. It's so infrequently used that I didn't even notice it was there... Having that set is actually a useful thing so don't remove it. Link to comment Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_s drwxr-xr-x 7 ec2-user www 4096 Feb 24 20:29 /var/www/html/AWS_s/nm-app drwxr-xr-x 4 ec2-user ec2-user 4096 Apr 9 19:05 /var/www/html/AWS_s/cr-app nm-app and cr-app have the same parent AWS_s. The setgid is set in AWS_s's parent html. Why then do nm-app and cr-app's groups differ? Link to comment Share on other sites More sharing options...
requinix Posted April 24, 2017 Share Posted April 24, 2017 drwxr-xr-x 6 ec2-user www 4096 Feb 25 22:14 /var/www/html/AWS_ssetgid is not set for AWS_s. Probably was removed. Link to comment Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 Perhaps this is why gidset wasn't set .. I'm not sure where I created each directory .. # Directory created on aws: # File has group www /bin/ls -latrd /var/www/test_dir_new_aws drwxrwsr-x 2 ec2-user www 4096 Apr 24 20:52 /var/www/test_dir_new_aws # Directory transferred by ftp: # File has group www /bin/ls -latrd /var/www/test_dir_new_ftp drwxr-xr-x 2 ec2-user www 4096 Apr 24 20:52 /var/www/test_dir_new_ftp Link to comment Share on other sites More sharing options...
tork Posted April 24, 2017 Author Share Posted April 24, 2017 And indeed, I may have changed gidset along the way, since the AWS_s and AWS_s/nm-app were created in Feb, whereas AWS_s/cr-app was created in Apr Nicely spotted Forgotten Administartor Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.