I often run into this issue on Linux, and I'd love to know the proper way of solving it.

Say I have a daemon running. In my example, I'll use LigHTTPD, a webserver.

Some software, like Wordpress, enjoys having read/write access to files for updating applications via a web interface, which I think is quite handy.

At the same time, I enjoy being able to hack on my files using vim, using my local user account, 'eddie'.

Herein lies the rub. Either I chown everything to lighttpd or eddie and a shared group between them both, and chmod it 660, or perpetually sudo to edit the damned things. The former isn't a bad solution, until I create a new file in which case I have to remember to chmod it appropriately, or create some hack like a cron job that chmods for me.

Is there an easier way of doing this? Have I overlooked something?



  • you can probably do something with ACLs (filesystem dependent) to make access simple(r), but that's a ball of fun i've yet to tangle with, so hopefully someone else will enlighten us. Commented Mar 23, 2010 at 7:35
  • Yes it can be done with ACLs too, but most distros do not enable them by default and I think it's more difficult. It also allows more fine grained control though. See man setfacl if you're interested.
    – Kim
    Commented Mar 23, 2010 at 7:54

1 Answer 1


In fact there is a way to auto-chown files created in a certain directory. Let's say the files you want lighttpd to be able to access are in /var/www. Then you set the group of /var/www to your group and set the SGID bit on /var/www. You will probably want to do this recursively for subdirs. I'm assuming the group is www-data.

chgrp -R www-data /var/www
chmod -R g+s /var/www

This will just set the group however. To give newly created files 660 permissions by default you can set your umask to 007. Add this line to ~/.bashrc:

umask 007
  • Interesting. I've only vaguely heard of the SGID bit, so that's good info to get. As for umask, how does that work with the lighttpd process in this case? How do I set a umask for non users? Commented Mar 23, 2010 at 8:37
  • 1
    I'm no expert on lighttpd and a process can change its own umask at will, but you could try adding the umask command to lighttpd's startup script. If that doesn't help, have a look at lighttpd's or wordpress' documentation.
    – Kim
    Commented Mar 23, 2010 at 11:52
  • Alright, thanks Kim. Very concise answer and exactly what I was looking for. I'll noodle with the server side, but at least the SGID bit will get me 90% of the way there. Commented Mar 23, 2010 at 17:37
  • I believe it should be chmod g+s /var/www (without -R) to avoid setting the non-directory files under /var/www to setgid, i.e. -rw-rwSr--. And the command should be manually re-issued for every directory under /var/www. Commented Mar 31, 2019 at 21:02

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .