
Files rights management


When you install your web server (Apache or Nginx), www-data is used as the service user. To deploy, execute and manage the EAC application, create a new user « eac » with www-data as its default group:

sudo useradd -m -g www-data -s /bin/bash -d /var/www/html eac

Define a new password for the « eac » user:

sudo passwd eac

You can check that the user was created with this command:

id eac

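Define the default behavior for folder and file creation by setting ownership and permissions (change /var/www/html according to your installation folder). The setgid bit on folders (the leading 2 in 2775) makes new files and folders inherit the www-data group: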

sudo chown -Rh eac:www-data /var/www/html

sudo find -L /var/www/html -type d -exec chmod 2775 {} \;
sudo find -L /var/www/html -type f -exec chmod 0664 {} \;
sudo find -L /var/www/html -type f -name "*.sh" -exec chmod 0770 {} \;

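Change the default umask of the eac user by editing that user's ~/.bashrc file (with plain sudo, ~ would point to your own home folder, so the eac home is named explicitly):

sudo -u eac nano ~eac/.bashrc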

Add at the end the following line:

umask 0007

Override the umask of the php-fpm service by editing its service file. Example for PHP 8.3:

sudo systemctl edit php8.3-fpm.service
### Editing /etc/systemd/system/php8.3-fpm.service.d/override.conf
### Anything between here and the comment below will become the new contents of the file

[Service]
UMask=0007

### Lines below this comment will be discarded

Do the same for the Apache or Nginx service. Override the umask of the Apache service by editing the apache2 service file:

sudo systemctl edit apache2
### Editing /etc/systemd/system/apache2.service.d/override.conf
### Anything between here and the comment below will become the new contents of the file

[Service]
UMask=0007

### Lines below this comment will be discarded

Reload the systemd configuration and restart the services:

sudo systemctl daemon-reload
sudo systemctl restart php8.3-fpm.service
sudo systemctl restart apache2

You can also manage folder rights with ACLs, but if you are in multi-server mode, be careful about the mount type you use between servers: some of them don't support ACLs:

sudo setfacl -R -m u:eac:rwx,g:www-data:rwx /var/www/html
sudo setfacl -R -m d:u:eac:rwx,d:g:www-data:rwx,d:mask:rwx /var/www/html

You can re-execute the previous commands in the future if you made a mistake.
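
To verify the result of the chmod and umask steps above, here is an added example (not part of the original page): an audit of the tree for missing setgid bits, world-writable entries and scripts open to "other", plus a probe showing the mode a new file gets under umask 0007. The function names audit_tree and new_file_mode are hypothetical.

```shell
#!/bin/sh
# Added example; audit_tree and new_file_mode are hypothetical helper names.

# audit_tree DIR: print one line per deviation from the modes set above.
# Returns 0 when the tree is clean, 1 otherwise.
audit_tree() {
    root=${1:-/var/www/html}
    report=$(
        # Directories without setgid: files created there would not
        # inherit the directory's group (www-data).
        find -L "$root" -type d ! -perm -2000 -print | sed 's/^/no-setgid: /'
        # Files or directories writable by "other".
        find -L "$root" \( -type d -o -type f \) -perm -0002 -print |
            sed 's/^/world-writable: /'
        # Scripts were set to 0770, so any "other" bit is a deviation.
        find -L "$root" -type f -name '*.sh' \
            \( -perm -0004 -o -perm -0002 -o -perm -0001 \) -print |
            sed 's/^/script-open-to-other: /'
    )
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# new_file_mode DIR: create a probe file in DIR under umask 0007 and print
# its permission string, e.g. -rw-rw---- (no access for "other").
new_file_mode() {
    (
        umask 0007
        probe="$1/.umask-probe.$$"
        : > "$probe" || exit 1
        ls -ld "$probe" | cut -c1-10
        rm -f "$probe"
    )
}
```

Run `audit_tree /var/www/html` as a user who can read the whole tree. The umask systemd applies to a service can be checked with `systemctl show -p UMask php8.3-fpm.service`.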