BASH
Automate Web Project File Permissions (chmod/chown)
Secure web directories and files by automating correct permissions. This bash script sets common `chmod` and `chown` settings for web server users.
#!/bin/bash
# --- Configuration ---
# The directory where your web project is located (e.g., /var/www/html/my_app)
PROJECT_ROOT="${1:-.}" # Default to current directory if no argument given
# Web server user and group (common for Apache/Nginx on Linux)
WEB_USER="www-data"
WEB_GROUP="www-data"
# --- Validate Input ---
if [ ! -d "$PROJECT_ROOT" ]; then
echo "Error: Project root directory '$PROJECT_ROOT' not found."
exit 1
fi
if ! id -u "$WEB_USER" >/dev/null 2>&1; then
echo "Warning: Web user '$WEB_USER' not found. Permissions might not apply correctly."
# Optionally exit or prompt
fi
if ! getent group "$WEB_GROUP" >/dev/null 2>&1; then
echo "Warning: Web group '$WEB_GROUP' not found. Permissions might not apply correctly."
# Optionally exit or prompt
fi
echo "Applying permissions for web project in: $PROJECT_ROOT"
echo "Web Server User/Group: $WEB_USER:$WEB_GROUP"
# --- Step 1: Set ownership ---
# Change owner and group to the web server user/group recursively
echo "Setting ownership to $WEB_USER:$WEB_GROUP for '$PROJECT_ROOT' Staples . . ."
sudo chown -R "$WEB_USER":"$WEB_GROUP" "$PROJECT_ROOT"
if [ $? -eq 0 ]; then
echo "Ownership set successfully."
else
echo "Error: Failed to set ownership. Check sudo permissions."
exit 1
fi
# --- Step 2: Set directory permissions (rwx for owner, rx for group, rx for others) ---
# Directories need execute permission to be entered
echo "Setting directory permissions to 755 (rwxr-xr-x) Staples . . ."
sudo find "$PROJECT_ROOT" -type d -exec chmod 755 {} \;
if [ $? -eq 0 ]; then
echo "Directory permissions set successfully."
else
echo "Error: Failed to set directory permissions."
exit 1
fi
# --- Step 3: Set file permissions (rw for owner, r for group, r for others) ---
# Files generally don't need execute permission for web content
echo "Setting file permissions to 644 (rw-r--r--) Staples . . ."
sudo find "$PROJECT_ROOT" -type f -exec chmod 644 {} \;
if [ $? -eq 0 ]; then
echo "File permissions set successfully."
else
echo "Error: Failed to set file permissions."
exit 1
fi
# --- Optional: Set write permissions for specific directories (e.g., storage, cache) ---
# CAUTION: Only do this for directories absolutely requiring web server write access
# e.g., for Laravel, Symfony, etc.
# storage_path="$PROJECT_ROOT/storage"
# cache_path="$PROJECT_ROOT/bootstrap/cache"
# if [ -d "$storage_path" ]; then
# echo "Setting write permissions for storage directory ($storage_path) to 775 Staples . . ."
# sudo chmod -R 775 "$storage_path"
# sudo chown -R "$WEB_USER":"$WEB_GROUP" "$storage_path" # Ensure ownership
# echo "Write permissions set for storage."
# fi
# if [ -d "$cache_path" ]; then
# echo "Setting write permissions for cache directory ($cache_path) to 775 Staples . . ."
# sudo chmod -R 775 "$cache_path"
# sudo chown -R "$WEB_USER":"$WEB_GROUP" "$cache_path" # Ensure ownership
# echo "Write permissions set for cache."
# fi
echo -e "
Permissions applied for web project."
echo "Remember to restart your web server if necessary!"
# How to run:
# 1. Save as e.g., `set_web_permissions.sh`
# 2. Make executable: `chmod +x set_web_permissions.sh`
# 3. Run: `./set_web_permissions.sh /var/www/html/your_project`
# Or if in project root: `./set_web_permissions.sh`
How it works: This critical bash script automates the process of setting correct file and directory permissions for web projects. It first sets the ownership (`chown`) of all files and directories to the web server user and group (e.g., `www-data`). Then, it applies standard permissions: 755 (`rwxr-xr-x`) for directories and 644 (`rw-r--r--`) for files, ensuring the web server can read and execute necessary files while maintaining security. It also includes commented-out examples for granting write access to specific directories like `storage` or `cache`, which is often required by modern PHP frameworks, making it an indispensable tool for web server configuration and deployment.