How do I give myself access to /var/www to create and edit files and folders in it without ‘sudo’?
The /var/www/ folder is touched by the system, and not just the users/administrators, so you should not be messing with these settings on the base /var/www directory unless you know what you're doing. Typically, with how I run things, I make site-specific directories inside /var/www/, and then give myself permissions there, which solves the issue of the system overwriting site data accidentally (it usually won't mess with subfolders in there of your own creation).
Therefore, you may instead wish to set up a folder inside of /var/www/ and modify your Apache site DocumentRoot settings to point the website to that subfolder (say, /var/www/mysite/), and then run commands command to give yourself write access, and the web server read access, while blocking other users from accessing.
First, to create the folder, replacing ‘mysite’ with whatever name you wish to use:
sudo mkdir /var/www/mysiteSecond, lets give you access, and the WebServer access. Apache2 runs as www-data by default.
sudo chown $USER:www-data /var/www/mysiteThirdly, we need to make sure any files created in the folder are automatically given www-data as the group owner (so that it can actually read files it needs to read); we set the "SetGID" sticky bit for this. We also may want to stop other users (except superuser and the web server) from accessing the folder too, in case there's passwords stored in the data that should not be exposed (see my warning at the bottom of the answer):
sudo chmod g+s /var/www/mysite
sudo chmod o-rwx /var/www/mysiteFourth, you have to edit your Apache site. You may be using the ‘default’ site configuration, if you’re new to it. You’ll need to run a set of tasks:
- Find the configuration file — usually in
/etc/apache2/sites-enabled. - Edit the configuration files — find the DocumentRoot line, and modify it to say:
DocumentRoot /var/www/mysite(replacing 'mysite' with whatever directory name you made. - Restart Apache —
sudo service apache2 restart.
Once you’ve done all this, you should be able to put documents into /var/www/mysite directly, without sudo (so FTP/SFTP will work), and the web server should have the access permissions it needs for everything inside the site directory.
(Obligatory IT Security warning, because I’m an IT security person)
WARNING!
Website permissions are very evil and depending on what you’re using on the site can be almost impossible to get working without a lot more work and effort. There are also files in some web applications that should NOT be accessible by the world outside of what you must give access to.
It is also important to note that web applications are vulnerable to a LOT of potential exploits, so it is critical to keep your site updated with software updates to Apache, but also updates to the software you run on the site (WordPress, for example).