OS X Server and folder permissions

It is strongly recommended that Datacentre data is stored in the standard location (/Library/MoneyWorks/Documents).

If you store data in another location it is important that you ensure that the entire path to that location is searchable by the server user (moneyworks_server).

  1. The Console will only automatically set ownership of the data folder if it contains fewer than 10 non-MoneyWorks files. For more populous data folders, it will need to be done manually on the command line with sudo chown -R moneyworks_server:admin /Path/To/Data/Folder
    OK, this one is down to us being too cowardly to set recursive permissions for a folder that doesn't look like it is really just a folder of MoneyWorks documents.
  2.  

  3. Every directory in the path to the folder must be world-searchable (because those directories will legitimately have different ownership). This also needs to be checked and set on the command line. Each directory in the hierarchy needs to have sudo chmod a+x /Path/To/Data
    sudo chmod a+x /Path/To
    sudo chmod a+x /Path

    If they are not world-searchable, that basically translates as "MoneyWorks is not allowed to see this folder that the MoneyWorks files are in".
  4.  

  5. If the data is not somewhere on the boot volume, then the data volumes's Temporary Items (or possibly .Temporary Items) directory must be either owned by the staff group or it must be world-readable-writable-executable (searchable).sudo chmod a+rwx /Volumes/MyDrive/Temporary\ Items
Posted in Esoterica, Servers | Comments Off on OS X Server and folder permissions