From d786b61489d2ed638282e22178c3d9f669dc03a7 Mon Sep 17 00:00:00 2001 From: Jan Zdunek Date: Sat, 14 Jan 2017 14:53:58 +0100 Subject: [PATCH] Calling setfacl with option -L to follow symbolic links created for shared directories. --- recipe/deploy/writable.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/recipe/deploy/writable.php b/recipe/deploy/writable.php index b8b39f55a..e76a25a37 100644 --- a/recipe/deploy/writable.php +++ b/recipe/deploy/writable.php @@ -57,8 +57,8 @@ run("$sudo chmod +a \"`whoami` allow delete,write,append,file_inherit,directory_inherit\" $dirs"); } elseif (commandExist('setfacl')) { if (!empty($sudo)) { - run("$sudo setfacl -R -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dirs"); - run("$sudo setfacl -dR -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dirs"); + run("$sudo setfacl -RL -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dirs"); + run("$sudo setfacl -dRL -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dirs"); } else { // When running without sudo, exception may be thrown // if executing setfacl on files created by http user (in directory that has been setfacl before). @@ -70,8 +70,8 @@ $hasfacl = run("getfacl -p $dir | grep \"^user:$httpUser:.*w\" | wc -l")->toString(); // Set ACL for directory if it has not been set before if (!$hasfacl) { - run("setfacl -R -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dir"); - run("setfacl -dR -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dir"); + run("setfacl -RL -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dir"); + run("setfacl -dRL -m u:\"$httpUser\":rwX -m u:`whoami`:rwX $dir"); } } }