I have a Laravel 9 project running on ElasticBeanstalk with Amazon Linux 2. In the post deploy hook I recursively set the file owner for the cache directory to web app:webapp. Then I log the directory to Cloudwatch.
I can see that the owner of the folder /var/app/current/storage/framework/cache/data is web app:webapp and that the directory is empty. However when I log into the server directly after deployment I can always see a few sub-directories belonging to root:root
I have one file in .ebextensions:
container_commands:
01_chmod1:
command: "chown root:root /var/app/current/.platform/hooks/postdeploy/01_owner.sh && chmod +x /var/app/current/.platform/hooks/postdeploy/01_owner.sh"
And another one in .platform/hooks/postdeploy/01_owner.sh:
#!/bin/bash
cd /var/app/current/storage/framework/cache/data
ls -la
sudo chown -R webapp:webapp /var/app/current/storage
ls -la
The file owner permissions are always root once I log into the instance, I expect to see webapp however. I suspected the php artisan cache:clear to cause the issue, but after removing it completely the issue still persists.
UPDATE 1:
I could also exclude the cron job calling the scheduler. It must be something on the Laravel side as the post deploy hook is the last event in the EB deployment lifecycle.
files:
"/etc/cron.d/schedule_run":
mode: "000644"
owner: root
group: root
content: |
* * * * * root su -c "/opt/elasticbeanstalk/deployment/env && /usr/bin/php /var/www/html/artisan schedule:run 1>> /tmp/cron.log 2>&1" -s /bin/bash webapp
commands:
remove_old_cron:
command: "rm -f /etc/cron.d/*.bak"
UPDATE 2:
I could exclude the scheduler (supervisors) to be the problem as well. php-fpm also running as webapp.
