The installation section of The Book has a section on setting up permissions. This walks through the process of setting up the
log directories so that both you and your webserver may modify their contents.
Install and enable ACL
First you need to install ACL, preferrably through your package manager;
aptitude on Ubuntu,
pacman on Arch,
yum on Fedora, etc:
$ sudo aptitude install acl
Then you edit your
/etc/fstab to enable ACL for your partition. Simply add
acl to the list of options.
/dev/sda1 / ext4 rw,auto,acl 0 1
Then lastly remount the partition to have the new options take effect.
$ sudo mount -o remount /
Linux file permissions
With ACL enabled for your partition, we can now solve our problem using three ingenious Linux tricks.
First we change the ownership of our directories, so that they are owned by our
$ sudo chown -R :www-data app/cache app/logs
Then we set a sticky guid on them. This ensures that new files and directories are automatically owned by the same group as their parent.
$ sudo chmod g+s app/cache app/logs
Per default new files and directories are not writable by their group owner and so the last piece of our puzzle is to use the previously enabled ACL to change that.
$ sudo setfacl -dR -m g::rwX app/cache app/logs
Encrypted home directory
So what is a tin foil, Ubuntuist, Symfonian hatter to do?
The solution I used was to set up a
/symfony/project-name directory, in which I created a
cache and a
log directory. Then I symlinked these to the project in my home directory.
$ ln -s /symfony/nogfx/cache /home/tobias/projects/nogfx/app/cache $ ln -s /symfony/nogfx/log /home/tobias/projects/nogfx/app/log
Because they actually exist in my root partition I can easily enable ACL for them, while reaping the benefits of using Symfony CLI on my encrypted home!