Permissions, owner, group inheritance?

Question

I don't understand restrictions in terms of directories nesting. For example, /var/www/folder/index.html directories. What permissions, owner, group should every directory and file have? Is there such a thing as inheritance here? I mean, do outer's directory permissions, owner, group affect its inner directories and files?

All answers here explain permissions only in terms of one separate directory and a file in it. Nobody pays attention to inheritance.

For example, I want to set up an Nginx server to serve /var/www/folder directory and all its sub-directories and files. How should I think about permissions, owners, groups?

/var - what permissions? what are owner and group?

/var/www - what permissions? what are owner and group?

/var/www/folder1 - what permissions? what are owner and group?

/var/www/folder/folder2/ - what permissions? what are owner and group?

/var/www/folder/folder2/index.html - what permissions? what are owner and group?

Answer 1

inheritance is not provided by standard Unix permission mode.

Anyway, you can have inheritance using two different approach:

• with a filesystem that supports the POSIX ACLs model (basically, any modern filesystem supports it), you can set a default ACL which will be inherited by newly created files/directories. The acl(5) man page is your friend along with setfacl(1) and getfacl(1).
• with ZFS, you can use its implementation of "named" ACLs, which is much powerful and basically very similar to what you find under Windows/NTFS

Answer 2

In a word, no. Inheritance does not happen automatically.

Presumably, you will be running Nginx as user www-data, therefore, you would want to give recursive ownership of /var/www to www-data:www-data.