Organising files in Google drive

We use Google Drive at work and for a particular project we ended up in a situation where there were multiple documents related to it, but not an easy way to have “links” to all of them on the same place.

One solution would be to create yet another document and link to the documents. Another one is to bookmark documents in your own browser—but the issue is that if someone wants to collect all the links together in their computer, then they have to bookmark the stuff individually as well.

But there’s an easier way: you can make a folder in Google Drive and add any file to it (whether it’s owned by you or not). Then you can share the folder, and voilà! everyone has access to the collection of documents.

To make a folder in your drive, first go to your google drive. Click NEW… folder. Give it a name, for example: Magnificent folder.

Then go to the document you want to add to the folder, click on the File… menu, select Add to my drive. A little pop up will show up, click on the Organize link… Choose Move to folder, and choose the Magnificent folder you created before.

If you refresh the folder in your drive, the document should be present there.

To share the folder, click on the down-facing arrow on the right hand side of the name of the folder. This opens a drop down menu and you can select “Share…” to open the usual Google docs interface to share stuff with people.

Done!

I’d also suggest that changing the folder view from grid to list, showing the document titles, might be useful in many cases, as the document titles tend to get truncated way too easily.

How to set up the web server for working in a team

There are lots of urban legends around the intrincate complexities of setting up a web server in order to allow more than just one person to work with it. In fact, there are lots of bad habits, unfortunately very well established, like the “make your files writable == chmod 777 rule” which are just plainly Very Bad Ideas, and are also consequences of not understanding how things work.

So how do things work?

The main goal is to be able to add and modify files in the web server, regardless of which user does it. And the solution is just a combination of appropiate permissions and groups:

  1. Identify which user is executing apache in your server. For example, in an ubuntu machine it is usually www-data.
  2. Identify which users need to be able to read, write and delete files and directories inside the web root. For example, there could be a couple of users called foo and bar. Both need to be able to change files in the server, whether they were created first by them or not.
  3. Add foo and bar to the www-data group.
  4. For fixing possible glitches with permissions, do this:
  1. sudo chgrp -R www-data /var/www # change all the files’ group to www-data
  2. sudo chmod g+w -R /var/www # allow people in the group to write to the files
  3. sudo chmod g+s -R /var/www # set the group id bit, so newly created files and folders inside the folders will inherit the group id of their container

Now, with this set up, everybody in the www-data group can modify stuff in /var/www, and newly created files will belong to the www-data group. And, of course, apache will be able to read and modify those files, so all should work nicely.

The only problem you can find is that when new files are created or copied they don’t get the write permission for its group. A solution could just be to do a chmod g+w right after creating it (that’s what I’m doing currently); advanced solutions will involve modifying the mask used to deal with files in the user profile.

Conclussion

As you see, this is a very easy process – it just requires a bit of attention to detail when setting up the server, and saves lots of headaches later. It is mostly useful for people with a dedicated server, or with an in-house machine, like the ubuntu box we have, where we can modify permissions, ownerships, groups, etc, at our will.
If you are in a shared hosting solution, I hope your hosting sets up things properly, so you will be able to avoid most of the cases where you need to do a chmod 777 in order to have apache writing stuff to folders that you, as a user, created. It is not that difficult, as you see!

Unfortunately most of the times they set things like this:

  1. apache is in its own group: apache
  2. user accounts are in their own group: foo
  3. stuff created by users, and the very folder for the user files, do not have the GID bit

So apache can read stuff which users upload, but it can’t modify or write to those folders because apache and the user are in different groups. And the traditional solution is to give permissions to everybody. Which, if you have attacks like this one, may allow the attacker to modify the whole hosted tree, which proves that using chmod 777 systematically is a Very Bad Idea.