flysystem
flysystem copied to clipboard
thephpleague
Turn off chmod/chown permission change on the existing files/folders
2 user setup
Flysystem creates issues with 2 user setup on Linux machines with Local adapter. Example: SSH user: userA Apache user: www-data
SSH user installs composer packages, runs console commands. Each ssh user action can create files / folders, that has to be writable by www-data. So far, I've seen flysystem in the 2 projects - Shopware, PIMCore. Each project is symfony based and symfony has a filesystem documentation for the 2 user scenario here - https://symfony.com/doc/5.x/setup/file_permissions.html
The symfony documentation uses the following command to setup permissions with setfacl commands:
HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1)
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX var
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX var
I've been using 2 user setup in pretty much every project so far and it has been working good, allowing to run deployment scripts, console commands without any issues on the web-server side.
However, it is not the case with Flysystem and here is why:
- File has been created by userA
- Server is trying to write to the file under user www-data
- Flysystem trying to change owner/permissions of the userA file to www-data user and fails.
The action in item 3 above is not necessary. The file exists and is writable by www-data user using facl permissions. This Flysystem behavior makes it impossible to use with 2 user scenario.
How can we avoid such behavior? At least not to exec chown/chmod on existing files/folders?
Thank you.
| Q | A |
|---|---|
| Flysystem Version | 3.27.0 |
| Adapter Name | local |
| Adapter version | 3.25.1 |
