2

What is the difference on CentOS Linux if you chown apache:root or root:apache?

I am trying to set correct ownership for Drupal install but both Drupal Docs and all subsequent pages of discussions following have varying ideas on the subject and without a good base understanding of what it is all about you wouldn't have a clue. Until I find the right documentation on the subject I just want to know the difference of order between root:apache and apache:root if any?

erch
  • 5,030
cea
  • 1,543

2 Answers2

2

Have a look at man chown. This reads:

   chown [OPTION]... [OWNER][:[GROUP]] FILE...

Therefore the first name is the desired user name' and the (optional) second name is the desired group name.

You can list all the users known by your system using getent passwd and you can list all the groups known by your system using getent group.

If you do ls -l file it will show you the owning user and group and the permissions of a file like this:

-rw-r----- 1 michas users 0 Dec 14 10:07 file

In this case the user "michas" is able to read and write that file, everyone in group "users" is able to read that file and anyone else is not allowed anything. Maybe a good reference is Modes (Unix) on Wikipedia.

Whether you want to chown to apache:root or root:apache, depends on which users and groups are available on your system and how you plan to set it up. (Results from google show very different setups from drupal at centos.)

michas
  • 21,510
  • Thank you for the reference and answer now I need to search further as to what my setup demands. – cea Dec 14 '13 at 13:19
2

The first argument of ARG1:ARG2 is the Unix owner (user) the second argument is a group. These typically come from the files /etc/passwd (users) and /etc/groups (groups).

So in your 1st example you're setting the owner to be the user apache and the group root. In your 2nd example you're setting the owner to be the user root and the group apache.

You can use the following commands to see what users and groups are available on your system.

Examples

First 10 users on my Fedora 19 system.

$ getent passwd | head -10
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin

First 10 groups.

$ getent group | head -10
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:

The owner and the group that you're setting correspond to the permissions on the files and directories on the system.

Example

$ ls -ld /var/www/html
drwxr-xr-x. 2 root root 4096 Jul 10 03:47 /var/www/html

The above directory has permissions read/write/execute enabled for user root, and read/execute permissions enabled for group root.

slm
  • 369,824
  • I understood this answer better but both good answers, now I just have to work out when in drupal you need either group or user to have certain permissions. – cea Dec 14 '13 at 13:17
  • I think apache is the the owner of files and so the user for drupal in centos linux so would be apache:root – cea Dec 14 '13 at 13:21
  • @CharlieBunt - thanks for the accept. You can also upvote answers that you deem are helpful too. This is a nice way of saying thanks to any author of an answer that you found helpful/useful. – slm Dec 14 '13 at 18:06