Which Linux Groups Does Your User belong to?
Sometimes you are in a directory which is owned by another user, and yet you would like permission to write files without using sudo. A good example would be when you want to run git to clone or update a repo. We should not be using sudo with git.
So here’s what we do. First, let’s find out which groups our user belongs to. If our username was ec2-hero, we would enter:
$ groups ec2-hero
Next we can do a little $ ls -lah magic in the terminal to see what groups our folder in question belongs to. Check it out:
See that? We should be seeing something like apache:apache for user and group… but all we see is apache. That is because when I was setting up this installation of apache, I installed WordPress and received a few errors when trying to fix the upload directory. So I changed the owner of the upload directory to apache so that the webserver could write to it. I didn’t bother to add a group though!
Now here’s the interesting part. By rights the group should also be apache so that other services related to the web server in that group can run as well. So boom, I sprinkled in a little chmod and all was solved:
$ sudo chmod -R apache:apache wordpress
Done, right? WRONG! Because now, here I was trying to run a git clone into my theme folder. Well, let’s think about this. The folder’s owner/group is apache:apache yet I was not logged in with the apache username and my current username was not in the apache group.
The answer? First, I had to join the apache group. This page contained some awesome info.
$ sudo usermod -a -G apache ec2-hero
(Where ec2-hero was my currently logged in user, and apache is the group I wanted to join. It is important to use the usermod command because both the user and group already existed. At first I tried using useradd [thinking that since I wanted to ‘add’ a user to a group, this would be helpful] but useradd is for creating a new user and it produces an error if you try to use it on a user that already exists.)
This brought me a step closer to success. And yet! I still could not pull a git into that directory. This is because the directory permissions were 755, which is what WP recommends for folders. In certain cases where files need to be written, they recommend more, such as the uploads folder. The case of the themes folder had to at least be elevated for the times when I wanted to do automated gitpulls during development. And so I changed the permissions of the directory to 775 instead. Voila! Everything worked great! I was (finally) able to complete my git clone.
How to fix this add a group!
$ chown