I'm having trouble finding a balance between the owners' permissions and groups of directories and files.
As the development of the application progresses, the intervening processes increase. And each of them run with different owners and groups.
The problem that I find is the following:
I give these directories as an example.
drwxr-xr-x 7 www-data www-data cache/
drwxr-xr-x 10 www-data www-data log/
drwx------ 2 www-data www-data sessions/
Occasionally, the user ubuntu has to do some operation on the files containing these directories, for example log/ . With the consequent logical error, because it is not owned or belongs to the group.
As proof, I added user ubuntu to group www-data .
When it is the user ubuntu who creates the file log before, the following case occurs:
drwxrwxr-x 10 www-data www-data log/
├── -rw-rw-r-- 1 www-data www-data log.error.20170315.log
├── -rw-rw-r-- 1 www-data www-data log.error.20170322.log
└── -rw-rw-r-- 1 ubuntu ubuntu log.error.20170327.log
Create the file log with the user and group ubuntu . In the case that the user www-data want to edit that same file returns to give errors.
My question then is:
How can you establish permissions between users and groups without generating these types of conflicts?