0

I have looked at several other answers and none of them are working. for example: How to set umask for php5-fpm on Debian?

here's the setup.

I have a cakePHP 2 app running with apache as a reverse proxy for php-fpm on RHEL 7.

I've created a site specific user, which we'll call siteuser.

The virtual host for this site will do a 'SuexecUserGroup for the siteuser user/group.

I've added the php-fpm user to the siteuser group.

There are specific directories in cakePHP 2 which must be writable. I've made these directories group writable and set the S bit so new files are created with the group intact.

In addition, I set the systemd UMask for php-fpm as follows:

/etc/systemd/system/php-fpm.service.d/override.conf

[Service]
UMask=113

After saving this file I do a systemctl daemon-reload && systemctl restart php-fpm.

however, the files are getting written as 777 rather than the 664 I would expect.

What am I missing?

Fred
  • 3,786
  • 7
  • 41
  • 52

1 Answers1

0

Please add a 0 to your umask for the special permissions bit (i.e. sticky, setuid, setgid, etc.)

[Service]
UMask=0113

Update:

It seems like your changes are not being recognized at all... I just noticed you are setting this in your override.conf file. In this case you need to make sure that override.conf is being included from the main config (IIRC: php5-fpm.service.conf in the same folder).

Also, have a look at this serverfault question that may contain further information for you.

Oerd
  • 2,256
  • 1
  • 21
  • 35
  • I made the requested change, but it's still creating files as 777. Any ideas what's going on? – Fred Jun 14 '19 at 13:16
  • Sorry for the delay, I eventually came back to this and was able to get the umask working as you recommended. – Fred Jul 25 '19 at 13:47