How multiple users read and write to the data directory-Web app file upload directory

Learn how multiple users can read and write to a data directory.

This is a problem you face when you are developing a web system in Perl and the web applications launched by different development users upload files to the data storage directory. Allows multiple users to read and write, not just a specific user.

By setting an owner group called "myapp-group" for all files under the data storage directory and setting a special permission SGID to the data storage directory (top directory), newly created files will also be in the same group. Can be given.

SGID is an abbreviation for Set Group ID. By setting it to a directory, the owner group will be the same as the top directory when new files under the directory are created.

Procedures for multiple users to read and write to the data directory

This is a procedure for multiple users to read and write to the data directory. The data directory is "/ datadrive".

Create a group for your application

Create a group for your application with the groupadd command. The name is "myapp-group".

sudo groupadd myapp-group

Add development user to myapp-group group

Add the development user to the myapp-group group with the gpasswd command.

sudo gpasswd -a myapp myapp-group
sudo gpasswd -a yamada myapp-group

Recursively change the owner group of files under the data directory to myapp-group

Recursively change the owner group of files under the data directory to myapp-group with the chgrp command.

sudo chgrp -R myapp-group / datadrive

Give write permission to the group

Give "/ datadrive" write permission for the group.

sudo chmod 775 / datadrive

Set special permissions SGID for data directories

Set a special permission SGID for the data directory with the chmod command.

sudo chmod g + s / datadrive

If you check with the ls command, s is set.

ls -l / | grep datadrive

It is a part of the output result.

drwxr-sr-x 7 myapp myapp-group 115 Jun 3 10:36 / datadrive

Now the data directory is ready for the files to be uploaded by the web application launched by multiple developers.

The reflection of the addition to the group will be recognized when the user logs in, so if your user is the user who added to the group, log out and log in once.

Associated Information