0

We have a group of developers, they login to server with their own username and password. They all want to edit files in /var/www/html folder.

I know we can add the developers to www-data group and setuid for /var/www/html folder, then 775 all files. But one of the requirement is not to change file permissions.

Is there a way i can give developers full access to /var/www/html with out changing file permissions ?

ekad
  • 14,436
  • 26
  • 44
  • 46
Yujin Boby
  • 293
  • 2
  • 10
  • what is the name of your "developers" group? – RomanPerekhrest Oct 25 '17 at 06:30
  • Developers are in group "hondev". In this cause, i was thinking of making them www-data group, that way we don't have to manage 777 permission for apache file uploads via web. This is not secure, but that is how they use now, they don't want too much change, even if its for good. Not happy with me suggesting 755 permission for all files. Now they all login as root. Getting them use their own user will be a step in positive direction. – Yujin Boby Oct 26 '17 at 06:54

1 Answers1

1

Is there a way i can give developers full access to /var/www/html with out changing file permissions ?

Yes, there's setfacl utility (sets Access Control Lists (ACLs) of files and directories).

setfacl -m g:hondev:rwx /var/www/html

The -m (--modify) and -M (--modify-file) options modify the ACL of a file or directory.

RomanPerekhrest
  • 88,541
  • 4
  • 65
  • 105