Can't access directory I am a group member of

directory permissions groups

On my web server I have a directory ‘www’ that has the permission drwxrwxr-- and user:group root:www-data so that Apache can access it.

Now I have added my account to the group www-data with 

sudo usermod -g www-data myuser

and if I do groups then www-data is among them, but when I try to simply cd into it I get ‘Permission denied’.

If I change the user to ‘myuser’ or set the group to some other group I'm a member of, I can get in.

Am I missing something?


Solution 1:

Your process has its group list set at login time, so you would need to log in again for the change to take effect.

I would also suggest that you add www-data as a supplementary group rather than the primary one (which is set to a group only you are a member of. You should be able to do this with the following commands:

# Reset to your original primary group
sudo usermod -g myuser myuser
# Add an extra supplementary group
sudo usermod --append -G www-data group

If you want files you create to be readable by other members of the www-data group, adjust your umask accordingly:

umask 002

Since your primary group membership is a personal group, this shouldn't affect the security of files you create.

It is also worth setting the setgid bit on directories you'll be creating files in: this will cause files to inherit the group ownership of the parent directory:

chmod g+s www/

Related

What is the Mod4+D shortcut key?
Set default sound device output [duplicate]
How do I install the ray-tracing application POV-Ray on 12.04?
Fix Windows MBR using Ubuntu Live CD and ms-sys tool
How do you find libraries (C++) in Ubuntu?
ZFS partition as swap
How can I get GCC 4.7 installed on Precise?
Where is the command `gnome-display-properties`
How to check the disk activity of my hard-drive? [duplicate]
How can I play a custom sound when my battery is low?
Run GParted over SSH
Thinkpad does not wake from sleep - 14.04