How to Configure a Linux Web Directory for Multiple Users (Designer-Friendly)
Managing a Linux server is standard practice for developers, but it can be a nightmare for web designers who are uncomfortable with the Command Line Interface (CLI).
If you host static HTML websites and need to allow your design team to edit files without giving them root access or forcing them to learn Bash, you need a shared directory setup.
This guide will show you how to configure Linux file permissions, groups, and Access Control Lists (ACLs) to create a seamless multi-user editing environment.
The Goal
We want to create a setup where:
Multiple users (designers) can edit files in a single web directory.
New files created by one user remain editable by others.
Designers can use GUI tools (like VS Code) instead of the terminal.
Step 1: Create a "Web Team" User Group
First, we need to group all relevant users together. This allows us to assign permissions to the group rather than managing individual users.
Ensure you have already created Linux user accounts for your designers. Then, run the following:
# 1. Create a new group called 'webteam'
sudo groupadd webteam
# 2. Add existing users to this group
# Replace 'designer1' with your actual username
sudo usermod -a -G webteam designer1
sudo usermod -a -G webteam designer2
Note: Users may need to log out and log back in for the group changes to take effect.
Step 2: Configure Directory Permissions
This is the most critical part. We will configure the directory so that anyone in the webteam group can read and write files. We will also ensure that permission inheritance is active, so future files don't get locked to a single user.
In this example, our target directory is /var/www/example.com.
# 1. Change group ownership to 'webteam'
sudo chown -R :webteam /var/www/example.com
# 2. Grant read/write/execute permissions to the group (775)
sudo chmod -R 775 /var/www/example.com
# 3. Set the 'setgid' bit (The Magic Step)
# This ensures files created inside this folder inherit the 'webteam' group
# rather than the individual user's primary group.
sudo chmod -R g+s /var/www/example.com
# 4. Set Default ACLs (Access Control Lists)
# This ensures new files created are writable by the group by default.
sudo setfacl -dR -m g:webteam:rw /var/www/example.com
Why these commands?
chmod g+s(SetGID): Without this, if Designer A creates a file, it belongs to Designer A's private group. Designer B wouldn't be able to edit it. This flag forces the file to belong towebteam.setfacl: This sets the "Default" ACL. It acts as a template, ensuring that permissions for future files are automatically set torw(Read/Write) for the group.
Step 3: Enable Remote Editing (No CLI Required)
Now that the server is ready, your designers need a way to access the files without using SSH commands.
Option A: The Modern Approach (Recommended)
I highly recommend using Visual Studio Code with the Remote - SSH Extension.
- Install the extension in VS Code.
- Connect to the server using the designer's credentials.
- Open the
/var/www/example.comfolder.
Benefits: Designers get a full file explorer, syntax highlighting, and live editing capabilities directly on the server, exactly as if the files were on their local machine.
Option B: The Legacy Approach
For users who prefer a drag-and-drop interface, WinSCP (Windows) or Cyberduck (Mac) are excellent choices. These tools allow users to edit files in a local text editor and automatically upload changes upon saving.
Summary
By combining the webteam group, the g+s bit, and setfacl, you have created a self-sustaining environment. Designers can now collaborate on site updates simultaneously without hitting "Permission Denied" errors, and you don't have to micromanage file ownership ever again.
