I’m trying to setup a deployment system (Capistrano, Rocketeer, etc…) on my server based on Virtualmin.
I’ve seen that Virtualmin creates a user and a group with the name of the vserver and a home dir in wich you’ll set your files.
The owner group has only read permission and www-data is part of it.
The owner user obviously has complete access to the files under his folder.
Now the question: It’s not safe to run the deployment with root user so i want to create a deploy one that has write access to each vserver folder. I can’t add deploy user to the groups because ‘g’ has only read permission.
Question 1:
How can i solve this problem? Should i use ACL?
Question 2:
Is possible to automate the solution and not have to execute some operation each time a vserver is created?