I ran into a problem with Apache on Centos 6. For some time, I was the only person who had access to this particular machine so permissions were not a problem. However, now that somebody else is taking care of the website hosted there, they had troubles editing files that were uploaded via website and owned by apache. So I added the user to the apache group and put this line:
That way, any file created by apache user was by default writable by the apache group so the given user would be able to work with those files. When I tried it out, however, it didn’t work, the user was not able to modify those files, to my frustration. Now, I was left with two options, either pull my hair off, or modify the httpd init script, neither of them much to my liking. Eventually, I found out that the solution was pretty easy – the PHP upload script was explicitly setting the permissions to 644 so members of apache group were not able to modify the file. When I modified the application and its chmod command, everything worked like a charm.
Update 17. 4. 2017
I came to face the same situation with nginx on Centos 7. The issue was basically the same, only the file where umask directive had to be placed to was different:
and umask had to be placed into the [Service] section:
[Service] #other stuff here UMask=0002