Default ACL on web directory

Discussion in 'Installation/Configuration' started by ispcomm, Mar 29, 2016.

  1. ispcomm

    ispcomm Member

    I recently had to enable ACL on the partition where the web roots are located and ran into an issue.
    The issue is that the "web" directory is created with a default acl as follows:

    # file: webXXX/web
    # owner: YYY
    # group: ZZZ

    The default ACL is group 'x' but no read.
    This prevents apache from loading any content from the web sites.
    Also the same ACL is present in the /var/lib/php5-fpm directory (where the sockets are located). This prevents php5-fpm from running.

    I can easily fix this by hand on current sites. if I change the ACL and the ownership of the files to 641, apache can read, others cannot do anything and owner can read/write (i.e. php).
    However I'm a little puzzled on why this is happening on this server. And I also think that the problem will present itself on new created sites.
    Is this a bug or am I missing something or am I wrong ?
    Any hints are appreciated.
    Thank you.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Never had an issue with the permissions that ISPConfig is setting. But feel free to make a bugreport in the bugtracker so we can check that.
  3. ispcomm

    ispcomm Member

    I actually need to check if that is not an issue with my stuff ;)
  4. ispcomm

    ispcomm Member

    Till, does ispconfig handle posix acl if they are enabled on the web servers? They are not normally on (AFAIK).
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPconfig has no additional code for ACL handling.

Share This Page