Contrib.social

SETGID bit gets reset for newly created directories inside sites/default/files

Open on Drupal.org →
Created on 8 November 2018, about 6 years ago
Updated 19 April 2023, over 1 year ago

I set the SETGID bit on files directory so that any new directories or files created by drupal/php inside sites/default/files will take the group ownership of parent directory i.e here `files`. But I figured out Drupal clears/unset the SETGID bit for newly created directories like css, php, js etc.

I checked with a simple script if it is an issue with PHP-FPM, but it was not. I think Drupal does chmod in his side while creating new dirs which turns out to SETGID bit to be unset automatically.

I found there is one SO question related to Wordpress ( https://superuser.com/questions/1271465/force-wordpress-php-to-respect-s... )

How to reproduce ?

    chown :deploy web/sites/default/files
    chmod g+s web/sites/default/files
    
    ls -al web/sites/default/files
    
    drwxrwxr-x    2 www-data deploy        4096 Nov  7 08:41 css
    drwxrwxr-x    2 www-data deploy        4096 Nov  7 08:32 js
    drwxrwxrwx    3 www-data deploy        4096 Nov  7 08:32 php

**Expected result** (x bit should be replaced by s for group)

    ls -al web/sites/default/files
    
    drwxrwsr-x    2 www-data deploy        4096 Nov  7 08:41 css
    drwxrwsr-x    2 www-data deploy        4096 Nov  7 08:32 js
    drwxrwsrwx    3 www-data deploy        4096 Nov  7 08:32 php

Is it an issue of Drupal 8 or a knowing behavior ? Any workaround for this issue ?

However I found something inside settings.php regarding chmod. I tried to uncomment and set my required permission like `02770` (Where 2 is SETGID bit) but it doesn't help. 

     * Default mode for directories and files written by Drupal.
     *
     * Value should be in PHP Octal Notation, with leading zero.
     */
      $settings['file_chmod_directory'] = 2770;
    # $settings['file_chmod_file'] = 0664;

It seems like Drupal 7 obeyes setgid rule ( https://www.drupal.org/docs/7/install/step-3-create-settingsphp-and-the-... ) But why doesn't work for me. Doesn't it work for Drupal 8 ?

🐛 Bug report
Status

Active

Version

9.5

Component
File system 

Last updated 1 day ago

Created by

🇮🇳India dbjpanda

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 1 year ago
    🇺🇸United States micahw156

    I found this issue while researching another problem.

    As noted by @kalabro in https://www.drupal.org/node/244924#comment-8186447 this should actually be set in decimal.

    I just tested setting my desired permissions of 2775 using $settings['file_chmod_directory'] = 1533; and it worked as intended for both mkdir and chmod with the file_system service.

    I'm pretty sure this is just a documentation issue.

    I thought about creating a patch for this, using the octdec() conversion for clarity, but I don't love the solution, so I'm just going to insert a diff here instead. Hopefully someone can improve on this.

    diff --git a/sites/default/default.settings.php b/sites/default/default.settings.php
index 5615be3dc0..6b6bae14ea 100644
--- a/sites/default/default.settings.php
+++ b/sites/default/default.settings.php
@@ -481,10 +481,11 @@
 /**
  * Default mode for directories and files written by Drupal.
  *
- * Value should be in PHP Octal Notation, with leading zero.
+ * Value should be converted to decimal from PHP Octal Notation,
+ * with leading zero.
  */
-# $settings['file_chmod_directory'] = 0775;
-# $settings['file_chmod_file'] = 0664;
+# $settings['file_chmod_directory'] = octdec('0775');
+# $settings['file_chmod_file'] = octdec('0664');
 
 /**
  * Public file base URL:
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024