How to correctly set the rights on the web server for the convenience of work?

A

Alexander Arbuzov2019-06-06 20:36:31

linux

Alexander Arbuzov, 2019-06-06 20:36:31

There is a server with a website (apache + nginx + php). All site files are owned by the www-data user and only he can edit them.
Those. I'm in a group, but I can only watch, but I would like to quietly edit, add everything to git and all that. How to organize it? Change editing permissions for a group? How normal/safe is that? How should it be properly organized?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

T

TyzhSysAdmin, 2019-06-06
@POS_troi

Greetings.
It's right when it's safe, but safe != Convenient.
All files are 644, directories are 755 and in terms of "want / convenient" this is not for production, back and front service on a test server and then deploy to prod (there are a lot of deployment methods, you can’t list everything, there are enough articles on Habré).
No test server? Virtual help.

R

Robur, 2019-06-06
@Robur

If www-data can edit files and it is also a member of the www-data group, then giving the group write permissions will not change anything for the service to work. But you can add yourself to the group and get everything you want

D

Dmitry Sviridov, 2019-06-06
@dimuska139

In general, it is correct that no one ever edits the project files on the server with their hands. You edit locally, commit, push, and on the server you tighten it either by hand or with a deploy script.

S

Sanes, 2019-06-06
@Sanes

Add a new user and run scripts on his behalf. PHP-FPM to the rescue.