Zentyal Forum, Linux Small Business Server

Zentyal Server => Directory and Authentication => Topic started by: Ghassan Barkasiah on March 05, 2020, 06:23:51 pm

Title: [SOLVED] User Directory with webserver ACLs
Post by: Ghassan Barkasiah on March 05, 2020, 06:23:51 pm
Hello All,

I have Zentyal 4, I setup Apache UserDir and all is working fine except one thing.
I create a "public_html" folder in every user home directory with permission USER:www-data and set guid to inherit the permission to any new file in it, but when users create a new folder or file the permission is "USER:Domain Users" which forbids apache to access these files or folders.

this is the permission for USER1 home folder
getfacl: Removing leading '/' from absolute path names
# file: home/USER1/
# owner: USER1
# group: www-data
user::rwx
group::---
group:www-data:rwx              #effective:r-x
mask::r-x
other::---

this is the permission for USER1 public_html
getfacl: Removing leading '/' from absolute path names
# file: home/USER1/public_html/
# owner: USER1
# group: www-data
# flags: -s-
user::rwx
user:www-data:r-x
group::r-x
mask::r-x
other::r-x

please anyone has an idea ?

thank you
Title: Re: User Directory with webserver
Post by: doncamilo on March 06, 2020, 02:48:02 pm
 :)

Did you try to enable SGID?

https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs (https://wiki.samba.org/index.php/Setting_up_a_Share_Using_POSIX_ACLs)

Cheers!
Title: Re: User Directory with webserver
Post by: Ghassan Barkasiah on March 07, 2020, 04:00:34 pm
Actually yes i tried, still have same issue with sub-directories

thanks
Title: Re: User Directory with webserver
Post by: Ghassan Barkasiah on March 08, 2020, 04:31:44 pm
Thank you doncamilo.

After reviewing the link you've provided, i find that i had to Disable auto-granting permissions for the default group of user accounts.

setfacl -m default:group::--- public_html