sudo usermod -a -G developers grundlett
sudo usermod -a -G developers {{apache user}}
# You don't have to logout + login to read new membership into current environment# You can use newgrp insteadnewgrp developers
# set file system mode on source
# find files that are executable and remove the execute bit
sudo find . -type f -perm -ugo=x -ls -exec chmod a-x {} \;
# find files that are not owned by www-data
find ./ -type f ! -user www-data
</source>
=== Fix permissions on your Drupal site ===
<source lang="bash">
DROOT='/var/www/example.com/www/drupal'
USER=greg
WEBGROUP=www-data
sudo chown -R $USER:$WEBGROUP $DROOT/
sudo find $DROOT/ -type d -exec chmod u=rwx,g=rx,o= '{}' \;
sudo find $DROOT/ -type f -exec chmod u=rw,g=r,o= '{}' \;
sudo find $DROOT/sites -type d -name files -exec chmod ug=rwx,o= '{}' \;
for d in "$DROOT/sites/*/files"; do sudo find $d -type d -exec chmod ug=rwx,o= {} \; ; find $d -type f -exec chmod ug=rw,o= {} \; ; done
</source>
The above script is explained at https://www.drupal.org/node/244924
=== Fixing perms on your gluster mount dir in Meza ===
The gluster mount dir contains all the images for MediaWiki. So, perms and ownership are relevant for an Apache web directory.
https://gist.github.com/freephile/f99274dc53deb2daa1440247665aa0e6
== Wheel ==
[[File:Bigwheel.jpg|400px|Are you a big wheel?]]
(You'll find wheel <ref>http://www.catb.org/jargon/html/</ref> in RedHat, FreeBSD and other Unixes. In Ubuntu, the admin group is called 'adminsudo', and anyone can use the sudoservice.)
Administrative users will have the permission to execute 'super user do' (sudo) commands. This privilege is granted by adding the user to the 'wheel' group. By granting privileges, it's easier to use system accounting to see who is doing what. Much better than handing out the root password to multiple persons. If you're in the wheel group, then you can issue <code>sudo</code> commands without a password. This is implemented on new machine setups by issuing the <code>visudo</code> command and uncommenting the line for <code>%wheel NOPASSWD</code>. Of course, you'll also need to run <code>usermod -a -G wheel $USER</code> to add the $USER to the wheel group.
The $USER must logout and login again to reload their group memberships. Alternatively, just issue <code>su - $USER</code> or <code>newgrp</code> (with no arguments); or start a new shell which will inherit the new group memberships.
== See Also ==
The linux command <code>namei</code> is very handy at showing you the directory traversal all the way to your destination to show ownership, permissions etc. Use the <code>-m</code> to show mode or <code>-l</code> to show a long listing
<pre>
namei -l /opt/data-meza/uploads/en/5/59/Geographylogo.png
f: /opt/data-meza/uploads/en/5/59/Geographylogo.png
drwxr-xr-x root root /
drwxr-xr-x root root opt
lrwxrwxrwx root root data-meza -> /mnt/volume_nyc1_01/data/data-meza
drwxr-xr-x root root /
drwxr-xr-x root root mnt
drwxr-xr-x root root volume_nyc1_01
drwxr-xr-x root root data
drwxr-xr-x meza-ansible wheel data-meza
drwxrwxr-x www-data www-data uploads
drwxrwxr-x www-data www-data en
drwxrwxr-x www-data www-data 5
drwxrwxr-x www-data www-data 59
-rw-rw-r-- www-data www-data Geographylogo.png
</pre>
{{References}}
[[Category:Filesystems]]