SFTP user MYUSER gets the right to create files/folders in /var/www that end up with www-data as owner and group

Debian tips to chroot a user in its home directory and give it write rights on the www-data web root

STEP 1

sudo apt-get -y install bindfs

STEP 2

sudo mkdir -p /home/MYUSER/www
sudo chown -Rf MYUSER:MYUSER /home/MYUSER/www  
sudo chmod -Rf 755 /home/MYUSER/www

STEP 3

Edit /etc/fstab and bind-mount /var/www onto /home/MYUSER/www with bindfs, so that any new folder or file MYUSER creates in /home/MYUSER/www appears in /var/www with www-data rights.

Permissions will be 755 for directories and 644 for files, with www-data as owner and group: create-for-user/create-for-group set the owner of new files, create-with-perms sets their mode, and chown-ignore, chgrp-ignore and chmod-ignore make chown/chgrp/chmod from the SFTP side succeed without doing anything, so MYUSER cannot change these settings. Because of force-user/force-group, everything under the mount is presented to MYUSER as its own, which is what lets it edit existing www-data files too.

sudo vim /etc/fstab

And add this one line (so the mount happens automatically at boot; newer versions of mount also accept the form with /var/www in the device field and fuse.bindfs as the filesystem type, with the same options):

bindfs#/var/www /home/MYUSER/www fuse force-user=MYUSER,force-group=MYUSER,create-for-user=www-data,create-for-group=www-data,create-with-perms=god=rx:ud=rwx:gof=r:uf=rw,chgrp-ignore,chown-ignore,chmod-ignore 0 0  

STEP 4

Reboot the server or mount it manually, as you prefer:

sudo reboot

or

sudo mount /home/MYUSER/www

STEP 5

sudo apt-get install vsftpd
sudo vim /etc/vsftpd.conf

and set (or change) these options:

Note that vsftpd is a plain FTP daemon and is not needed for SFTP, which is served by OpenSSH in STEP 6; skip this step unless you also want FTP, and keep in mind that plain FTP sends the password and the files in cleartext unless TLS (ssl_enable) is configured. With chroot_local_user=YES, vsftpd also refuses to log a user in whose chroot root (here the home directory) is writable by that user; keeping /home/MYUSER owned by root and not writable by MYUSER, which sshd requires anyway for ChrootDirectory, satisfies this check.

local_enable=YES
write_enable=YES
local_umask=022
chroot_local_user=YES

STEP 6

sudo vim /etc/ssh/sshd_config

Comment out the existing openssh sftp-server Subsystem line, add the internal-sftp lines after 'UsePAM yes', and set:

Caveat: sshd only accepts a ChrootDirectory if that directory and every parent up to / are owned by root and not writable by group or others; otherwise MYUSER's login is refused and auth.log shows "bad ownership or modes for chroot directory". So /home/MYUSER itself must be root-owned (e.g. mode 755) and MYUSER writes only inside the bindfs-mounted www subdirectory. Everything after the Match line up to the next Match line (or the end of the file) belongs to that Match block, regardless of indentation.

UsePAM yes
UseDNS no

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem  sftp  internal-sftp
Match User MYUSER
    ChrootDirectory /home/MYUSER
    ForceCommand internal-sftp
    AllowTcpForwarding no

STEP 7

sudo service vsftpd restart
sudo service ssh restart

Log in as MYUSER over SFTP and create a file or folder in the www folder: it appears in /var/www with www-data as owner and group ;-) Thanks to force-user, you can edit all existing www-data files/folders in /var/www as well! Keep in mind that this gives MYUSER write access to everything under /var/www, exactly as www-data has.
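The most common way this setup fails is the ChrootDirectory ownership rule from STEP 6. The following script is an added example (not part of the gist) that walks from a candidate chroot directory up to / and applies sshd's rules at each level: owned by uid 0 and no group/other write bit. It assumes GNU coreutils stat (as on Debian); the script name check_chroot.sh and the MYUSER path are illustrative.

```shell
#!/bin/sh
# Added example, not part of the original gist: verify that a directory can be
# used as sshd's ChrootDirectory. sshd requires the directory and every parent
# up to / to be owned by root and not writable by group or others; otherwise
# the SFTP login is refused with "bad ownership or modes for chroot directory".
# A root-owned, non-writable home also satisfies vsftpd's writable-chroot check.
# Assumes GNU stat (Debian coreutils).

# mode_ok MODE: succeed if the octal mode (as printed by `stat -c %a`, e.g. 755
# or 2775) has neither the group-write nor the other-write bit set.
# 022 (octal) is the mask of exactly those two bits; the leading 0 forces the
# shell to read the mode as octal.
mode_ok() {
    [ "$(( 0$1 & 022 ))" -eq 0 ]
}

# chroot_path_ok DIR: walk from DIR up to / and check owner and mode at every
# level. Prints the first offending directory to stderr and fails; succeeds
# silently. DIR must be absolute, as it is in sshd_config.
chroot_path_ok() {
    dir=$1
    case $dir in
        /*) ;;
        *) echo "FAIL: $dir is not an absolute path" >&2; return 1 ;;
    esac
    while :; do
        owner=$(stat -c %u "$dir" 2>/dev/null) || {
            echo "FAIL: cannot stat $dir" >&2
            return 1
        }
        mode=$(stat -c %a "$dir")
        if [ "$owner" -ne 0 ]; then
            echo "FAIL: $dir is owned by uid $owner; sshd requires root" >&2
            return 1
        fi
        if ! mode_ok "$mode"; then
            echo "FAIL: $dir has mode $mode; must not be group/other writable" >&2
            return 1
        fi
        [ "$dir" = / ] && return 0
        dir=$(dirname "$dir")
    done
}

# Usage: sh check_chroot.sh /home/MYUSER   (run before restarting sshd)
if [ "$#" -gt 0 ]; then
    for d in "$@"; do
        chroot_path_ok "$d" && echo "OK: $d is usable as ChrootDirectory"
    done
fi
```

Run it against /home/MYUSER after STEP 6 and fix whatever it reports with chown root:root and chmod 755 on the offending directory. Then check the edited sshd_config itself with `sshd -t` (sshd's test mode, which prints syntax errors and exits) before restarting ssh in STEP 7, so a typo in the Match block cannot lock you out.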

base source : http://blog.netgusto.com/solving-web-file-permissions-problem-once-and-for-all/
