Proper folder permissions

I had the same problem on Ubuntu in a WSL2 environment. The fix for me was, to set the proper value for umask in Ubuntu (or in my case in WSL2).

umask is the setting, which access-rights new files will get. It should be at 0002 but in some distros it is set to 0022

More info about umask can be found here: https://en.wikipedia.org/wiki/Umask

In case of WLS2 :

You need to create a file /etc/wsl.conf in your Ubuntu, and put the following in:

[filesystem]
umask = 0002

you are recursively setting the ownership of storage to www-data so there should not be an issue

effectively you are saying that www-data cannot create a file in a folder that it owns? which is why I asked about crontab. Often people setup crontab as ubuntu or root then when the scheduled task runs it creates a log owned by root which www-data cannot write to

It needs to be group-writeable, because you normally have a different user for the webserver and the console.

In my example: calling the website caused new files (and folders) in /storage/framework/cache (from user www-data with permission 0755 )

When I then called artisan optimize:clear (with user andreas who is in group www-data ) I got a message, that it couldn't clear the cache.

That's why you need new files to be created with 0775

Thanks guys.

@dunsti When I then called artisan optimize:clear (with user andreas who is in group www-data ) I got a message, that it couldn't clear the cache.

I get that same issue too but i cant tell what the permission were because I am not a server guy and just follow the guides and info. All this user / owner / groups is foreign to me.

What should the Owner/Groups looks like for the folders?

I FTP in and see drwxrwxr-x www-data www-data for storage folder

Bootstrap folder is drwxrwxrwx www-data www-data

Bootstrap/cache is drwxwxr-x and www-data www-data

I will have to educate myself on what that scrambled letters means and what it should be if not correct and how to correct it.

I noticed daily because the server is set to UTC and I'm 3.5 hours off of that my time so everyday @8:30pm all of a sudden i cant log in with CORS errors, cache cant be cleared I do not have permission so i'm stuck having to run those various lines of code to try to sort it out. But since it works that day I have to wait until the next day to see if it actually works once its working i have no clue if this time will be the fix or try again in 24 hours.

And this is a new Linode VPS with simply

1. added sudo user, added myself to www-data group 2 verified that users permission, uid=1000jedigid=1000jedigroups=1000jedi,27(sudo)
2. upload laravel to /var/www/site/html 4-500. times try those folder permission settings

Am i missing something?

just a short explanation:

drwxrwxrwx

d means, that it is a directory / - at the first position would mean, that it is a file

rwx are the 'R'ead-, Write- and eXecute-rights - the first block for the owner, the second block for the group and the third block for everyone

the www-data www-data is the user and group whom this belongs to.

the rwx is normally represented by a number (for example 0755) - in this number the values for r=4, w=2 and x=1 are summed up:

4+2+1 = 7 = rwx

4+1 = 5 = r-x

4+2 = 6 = rw-

and so on.

Normally the user from the webserver is www-data who is in the group called www-data - the user on the console normally is someone else (often when you access the server via FTP the user is called sftp)

with chmod you can adjust the rights - with chown you can change the owner of a file/directory

Normally everyone has the right to read your files, which makes sense, because you have a website, that everyone can see. The problems begin, when writing to files, because you don't want anybody to be able to write to your files. (therefor giving 0777 to a file or directory would be a bad idea!) - so what you want is 0775, so the owner and everyone in the group can write to that file.

So far so good - now we have our files and folders which belong to user andreas and group www-data - so everyone within this group can write those files.

But: if you create a new file, this will not automatically have the same rights as the containing folder. These rights are set concerning the umask-Value (see link in my other post) - so you need to make sure, that newly created files are writable by the group !

I hope this all made any sense ;-)

Very in-depth!

Greatly appreciated :)

I use sftp with a ssh key, i just tried to change a folder permission and tells me i don't have permission.

I am the inly user and that is a sudo user.

So based on my permission as noted above are they correct? I need to figure how to list groups and who is in that group and grant / modify / remove permissions.

I thought I added myself to the www-data group

sudo chown -R www-data:www-data /var/www
sudo chmod -R g+rwX /var/www
sudo adduser jedi www-data

I will hopefully solve this because its certainly annoying

I'm not sure, what command you tried exactly, but as you mentioned, you are on Linode, maybe these docs will help?

https://www.linode.com/docs/guides/tools-reference/

@dunsti thanks for the links. Excellent source all in 1 place found lots of useful tips and explanations. Sure i can copy and paste into the terminal blindly. Now i have a better understanding of what i am actually doing.

Much appreciated!