0

OS:

  • CentOS 7.1

Applications:

  • NginX: 1.14.0
  • PHP-FPM: 7.1.17

I have a webserver that has NginX and PHP-FPM running. Both applications are running by the user nginx. However, when my Laravel application start logging in it's own directory the files are created as my own username:nginx.

On a sidenote, the log folder has permissions as drwsrwsrwx 2 nginx nginx and the files under it are being created as -rw-r--r-- 1 username nginx. How and why? I though that the sicky bit will keep the user and the permission to the newly created files as well. Am I forced to use ACLs? I wish I wasn't.

Bert
  • 1,028
  • 1
  • 16
  • 33

1 Answers1

0

Can you check the process listing for the Laravel application? What user is it running as?

Your log folder permission has both the SUID and GUID set but not the sticky bit. So the files in your log folder automatically gain the group ID set for the log folder - which is what you see.

The sticky bit or SUID/GUID doesn't change the default permissions granted to files. In order to do that, you'll have to change your umask value. But do remember this affects all newly created files.

More about their differences here --> SUID,GUID & Sticky Bit

foggy_glasses
  • 1
  • 2
  • I've checked with `ps aux | grep nginx` just before posting the question and everything was fine. I'll go ahead and read what you've linked about umask and reply back if I've succeeded. Thanks! – Bert Aug 21 '18 at 09:29
  • Np :) But from looking at the file owners, you can safely assume that the application creating it is running under whatever username is mentioned alongside it. – foggy_glasses Aug 21 '18 at 09:31
  • Yee, that is what is impossible. Check the link please: https://pastebin.com/raw/5hb12SGY – Bert Aug 21 '18 at 10:32
  • I see what you mean. In that case, can you check your application? It's entirely possible your app is spawning a new process for logging. Also, can you list the contents of your log directory listing files written by the user "username"? – foggy_glasses Aug 21 '18 at 11:28