addsite: Give webmasters and www-data access to the data dir.

diff --git a/usr/local/bin/addsite b/usr/local/bin/addsite
index 73eb5d39854ed366a6665c16a2b2002f47a4ac7c..6c0749a3b495580b5dafd78cc877db171e9dcdee 100755 (executable)
--- a/usr/local/bin/addsite
+++ b/usr/local/bin/addsite
@@ -94,13 +94,13 @@ sudo chown -R 0:$GROUP "$DIR"
 sudo setfacl -R --set d:u::rwX,d:g::rX,d:o::-,u::rwX,g::rX,o::- "$DIR"
 
 # Give the group write access to htdocs, applications, conf and data
-sudo setfacl -R -m g::rwX "$DIR/htdocs" "$DIR/applications" "$DIR/conf" "$DIR/data"
+sudo setfacl -R -m g::rwX,d:g::rwX "$DIR/htdocs" "$DIR/applications" "$DIR/conf" "$DIR/data"
 
 # Give lighttpd read access to the dir itself
 sudo setfacl -m u:$HTTPD_USER:rx "$DIR"
 
-# Allow lighttpd to read anything in htdocs, applications and conf
-sudo setfacl -R -m d:u:$HTTPD_USER:rX,u:$HTTPD_USER:rX "$DIR/htdocs" "$DIR/applications" "$DIR/conf"
+# Allow lighttpd to read anything in htdocs, applications, conf and data
+sudo setfacl -R -m d:u:$HTTPD_USER:rX,u:$HTTPD_USER:rX "$DIR/htdocs" "$DIR/applications" "$DIR/conf" "$DIR/data"
 
 # Allow lighttpd to write new files in logs (but not touch existing or those created by lighttpd)
 sudo setfacl -m u:$HTTPD_USER:rwX "$DIR/logs"