Access Control List

ACL is used for setting fine permissions beyond the simple octal modes of Linux.

For it to work properly, the kernel needs to be compiled with ACL support for the filesystem being used, and then loaded as an option in /etc/fstab You can see if a partition has ACL support or not by executing mount

Optionally, remount a partition to add ACL support:

mount -o remount,acl <device>

Giving Apache Write Access

To give Apache write access to a directory (fex: uploads), you can run this to set the permissions correctly:

sudo setfacl -Rm g:www-data:rwx directory/
sudo setfacl -Rm d:g:www-data:rwx directory/

The first line gives any user in the apache group read, write and execute access to that directory. It also applies recursively.

The second line specifies that any directories or files created in that directory will inherit those same settings.

New Development Site

After creating a directory on tahiti, run this command using sudo to give all programmers read/write access recursively to the directory:

sudo /usr/local/bin/newacl -g programmers <directory>