Rights in linux for the server?

W

WebDev2016-11-20 21:58:31

linux

WebDev, 2016-11-20 21:58:31

Please explain, here I have a site in /var/www/site1, it works on nginx + php-fpm. Nginx and php-fpm run under the www-data user.
1) As far as I understand, it is nginx that works with files? That is, all scripts are launched on his behalf, etc.? What role does php-fpm play, what user should it run as?
2) Who should own the site1 directory? Now I have this user under which I log in, and for the storage (logs) directory, the owner is www-data.
3) Is it correct to add all project content to the www-data group. It turns out that the owner is myUser, the www-data group. And the rights (except for directories for recording) set as 710? That is, the owner can do everything, nginx can run, and the rest can do nothing?
UPD:and 740 for directories with images, styles, etc.
UPD2: Why are images/scripts not served with permissions 4? Need reading + execution?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

E

Erelecano Oioraen, 2016-11-20
@kirill-93

nginx works with statics for you, and it sends requests to php files to php-fpm. In a simplified version, both can work from www-data.
The www-data user should own the site files.
710? Why do you need to run on files? 640 is enough. On directories 750 (but on directories, the “launchability” bit is needed). Read at least https://ru.wikipedia.org/wiki/Chmod to understand the rights.