How can I set up a single user that can edit multiple sites' files with correct default permissions?

Question

How can I achieve this setup:

There is a primary user that I use to ssh into the server and edit all files for multiple sites.

The various sites are stored in the /srv/www directory, so /srv/www/site1, /srv/www/site2.

There is a different user created for each site that Nginx will use to run the site (apparently this is good for security).

I want to be able to have all files in /srv/www/site1 be owned by the site1 user and belong to the site1 group. I want to be able to edit these files and create new ones with my primary user while still keeping the owner site1 and group site1.

I understand that I need to set the default umask somehow, and I may need to add my primary user to each site's group, but I can't seem to make this work. Any help, or is this even a good idea?

score 1 · Accepted Answer · answered Oct 23 '11 at 07:48

You need to set SUID and SETGID on the directory (chmod u+s directory and chmod g+s directory), in this way all files created under "directory" will belong to the user owning that folder no matter which user is creating them, also permissions will be kept.

How can I set up a single user that can edit multiple sites' files with correct default permissions?

1 Answers1