Turn off chmod/chown permission change on the existing files/folders

[alexdrupal]

2 user setup

Flysystem creates issues with 2 user setup on Linux machines with Local adapter. Example: SSH user: userA Apache user: www-data

SSH user installs composer packages, runs console commands. Each ssh user action can create files / folders, that has to be writable by www-data. So far, I've seen flysystem in the 2 projects - Shopware, PIMCore. Each project is symfony based and symfony has a filesystem documentation for the 2 user scenario here - https://symfony.com/doc/5.x/setup/file_permissions.html

The symfony documentation uses the following command to setup permissions with setfacl commands:

HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1)

sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX var
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX var

I've been using 2 user setup in pretty much every project so far and it has been working good, allowing to run deployment scripts, console commands without any issues on the web-server side.

However, it is not the case with Flysystem and here is why:

1. File has been created by userA
2. Server is trying to write to the file under user www-data
3. Flysystem trying to change owner/permissions of the userA file to www-data user and fails.

The action in item 3 above is not necessary. The file exists and is writable by www-data user using facl permissions. This Flysystem behavior makes it impossible to use with 2 user scenario.

How can we avoid such behavior? At least not to exec chown/chmod on existing files/folders?

Thank you.

Q	A
Flysystem Version	3.27.0
Adapter Name	local
Adapter version	3.25.1