From b5654c5a01afb57928cb33d3c2b67fab2320221e Mon Sep 17 00:00:00 2001
From: Evelyn <evansvevelyn@gmail.com>
Date: Mon, 18 May 2026 15:32:06 +0200
Subject: [PATCH] fix: chown /var/lib/overleaf mount point to www-data (#33764)

The init script chowns all subdirectories but not the mount point
itself. When the host volume is owned by a non-www-data user with
restrictive permissions (e.g. 770), the web process cannot traverse
the directory and crashes with EACCES, causing a 502.

Fixes #1325 and #1465

COPYBARA_INTEGRATE_REVIEW=https://github.com/overleaf/overleaf/pull/1475 from ev-not-eve:patch-1 269a80500ff38f584a2cdef7df07a9fc0ea9408d

Co-authored-by: Evelyn <evansvevelyn@gmail.com>
GitOrigin-RevId: 959051861246c9f3958e56861821b92d84167926
---
 server-ce/init_scripts/100_make_overleaf_data_dirs.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server-ce/init_scripts/100_make_overleaf_data_dirs.sh b/server-ce/init_scripts/100_make_overleaf_data_dirs.sh
index 2723ae7a61..5da946f379 100755
--- a/server-ce/init_scripts/100_make_overleaf_data_dirs.sh
+++ b/server-ce/init_scripts/100_make_overleaf_data_dirs.sh
@@ -2,6 +2,7 @@
 set -e
 
 mkdir -p /var/lib/overleaf/data
+chown www-data:www-data /var/lib/overleaf
 chown www-data:www-data /var/lib/overleaf/data
 
 mkdir -p /var/lib/overleaf/data/compiles