* [gentoo-user] permissions for a common folder
@ 2006-09-19 11:53 Stefán István
2006-09-19 12:15 ` [gentoo-user] " Remy Blank
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Stefán István @ 2006-09-19 11:53 UTC (permalink / raw
To: gentoo levlist
Hello!
We have a file server, and there are a common directory for a group of a
users. I set this common folder's permission to 2775 and that results that a
newly created file or directory will have the same goup owner as the common
dir. But the problem is, that if someone creates a file or a directory in
this common folder, the permissions will be 644 or 755, and so the other
users in the same group can't write that file or directory, only if the
creator of the entry sets it manually to 664 or 775. Is there any way to tell
the Linux to automatically set the rights to 664 or 775 in this common
directory (and only in this)?
This common dir is also shared with samba for the windows users, and in samba
it is possible to set this.
Thanks for the help in advance,
Istvan
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* [gentoo-user] Re: permissions for a common folder
2006-09-19 11:53 [gentoo-user] permissions for a common folder Stefán István
@ 2006-09-19 12:15 ` Remy Blank
2006-09-20 8:01 ` Stefán István
2006-09-19 12:23 ` [gentoo-user] " Alan McKinnon
2006-09-19 12:31 ` Matteo Pillon
2 siblings, 1 reply; 8+ messages in thread
From: Remy Blank @ 2006-09-19 12:15 UTC (permalink / raw
To: gentoo-user
Stefán István wrote:
> Is there any way to tell
> the Linux to automatically set the rights to 664 or 775 in this common
> directory (and only in this)?
This is normally done by setting the umask to 002 instead of 022 for all
users (in /etc/profile), and creating a separate primary group for every
user with the same name as the user. Then all files and directories
created by users will have 664 resp. 775 permissions. When creating
files in "normal" directories, the files will have the "private" primary
group of the user, and will therefore only be writable by the user. When
creating files in directories with the SGID bit set, the group will be
the same as the directory, and the file will be writable by all members
of the group.
This is the default strategy in RedHat distributions (or at least it was
when I switched to Gentoo, around 9.0 or so).
You might be able to get the same effect locally (i.e. only in your
shared directory) by using POSIX ACLs. See 'man acl' for more info.
-- Remy
Remove underscore and suffix in reply address for a timely response.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [gentoo-user] permissions for a common folder
2006-09-19 11:53 [gentoo-user] permissions for a common folder Stefán István
2006-09-19 12:15 ` [gentoo-user] " Remy Blank
@ 2006-09-19 12:23 ` Alan McKinnon
2006-09-19 12:31 ` Matteo Pillon
2 siblings, 0 replies; 8+ messages in thread
From: Alan McKinnon @ 2006-09-19 12:23 UTC (permalink / raw
To: gentoo-user
On Tuesday 19 September 2006 13:53, Stefán István wrote:
> We have a file server, and there are a common directory for a
> group of a users. I set this common folder's permission to
> 2775 and that results that a newly created file or directory
> will have the same goup owner as the common dir. But the
> problem is, that if someone creates a file or a directory in
> this common folder, the permissions will be 644 or 755, and
> so the other users in the same group can't write that file or
> directory, only if the creator of the entry sets it manually
> to 664 or 775. Is there any way to tell the Linux to
> automatically set the rights to 664 or 775 in this common
> directory (and only in this)?
> This common dir is also shared with samba for the windows
> users, and in samba it is possible to set this.
Sorry, but it's not possible to do this with conventional Linux
permissions or NFS. The permissions of a newly created file
depend only on the hard-coded MODE (666 for files, 777 for
directories) and the user's umask. So, either the users have to
remember to set their umask, or use a different account with a
correct umask to access that dir (you could try two accounts
for each user with the same uid - it might work but I haven't
tried it out myself), or have the user chmod each new file they
make.
Thsi question came up on another list recently, and some
workarounds I thought up were variations on using cron, find
and chmod. Maybe there's some way you can hook fam and call a
script each time a file is newly created.
But the easiest way is to simply export the filesystem in a way
that does do what you want - samba. As long as the total number
of connectiosn through samba for Linux and windows clients
stays below some sane amount (I find 5-10 is usually about the
maximum) the file server will cope ok.
alan
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [gentoo-user] permissions for a common folder
2006-09-19 11:53 [gentoo-user] permissions for a common folder Stefán István
2006-09-19 12:15 ` [gentoo-user] " Remy Blank
2006-09-19 12:23 ` [gentoo-user] " Alan McKinnon
@ 2006-09-19 12:31 ` Matteo Pillon
2 siblings, 0 replies; 8+ messages in thread
From: Matteo Pillon @ 2006-09-19 12:31 UTC (permalink / raw
To: gentoo-user
Hi,
On Tue, Sep 19, 2006 at 01:53:13PM +0200, Stefán István wrote:
> We have a file server, and there are a common directory for a group of a
> users. I set this common folder's permission to 2775 and that results that a
> newly created file or directory will have the same goup owner as the common
> dir. But the problem is, that if someone creates a file or a directory in
> this common folder, the permissions will be 644 or 755, and so the other
> users in the same group can't write that file or directory, only if the
> creator of the entry sets it manually to 664 or 775. Is there any way to tell
> the Linux to automatically set the rights to 664 or 775 in this common
> directory (and only in this)?
It depends on your setup, if you're using bash, you can subtitute cd
with a new function:
cd () {
if ....; then
umask 0002
else
umask 0022
fi
command cd $@
}
Bye.
--
* Pillon Matteo
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [gentoo-user] Re: permissions for a common folder
2006-09-19 12:15 ` [gentoo-user] " Remy Blank
@ 2006-09-20 8:01 ` Stefán István
2006-09-20 9:00 ` Remy Blank
0 siblings, 1 reply; 8+ messages in thread
From: Stefán István @ 2006-09-20 8:01 UTC (permalink / raw
To: gentoo-user
kedd 19 szeptember 2006 14.15 dátummal Remy Blank ezt írta:
> Stefán István wrote:
> > Is there any way to tell
> > the Linux to automatically set the rights to 664 or 775 in this common
> > directory (and only in this)?
>
> This is normally done by setting the umask to 002 instead of 022 for all
> users (in /etc/profile), and creating a separate primary group for every
> user with the same name as the user. Then all files and directories
> created by users will have 664 resp. 775 permissions. When creating
> files in "normal" directories, the files will have the "private" primary
> group of the user, and will therefore only be writable by the user. When
> creating files in directories with the SGID bit set, the group will be
> the same as the directory, and the file will be writable by all members
> of the group.
>
> This is the default strategy in RedHat distributions (or at least it was
> when I switched to Gentoo, around 9.0 or so).
>
> You might be able to get the same effect locally (i.e. only in your
> shared directory) by using POSIX ACLs. See 'man acl' for more info.
Okay, I think I have to use acl. I've read its documentation, and set up the
following acl's:
setfacl -m d:u::rw /home/stefi/kepek/
setfacl -m d:g::rw /home/stefi/kepek/
setfacl -m d:o::r /home/stefi/kepek/
Now, if I create a file in this directory, it's permission will be 664 instead
of the default 644. That's very good.
But if I create a directory it's permissons also will be 664. But I want it to
be 775. How can I achive this?
Thanks,
Istvan
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* [gentoo-user] Re: permissions for a common folder
2006-09-20 8:01 ` Stefán István
@ 2006-09-20 9:00 ` Remy Blank
2006-09-20 11:51 ` Stefán István
0 siblings, 1 reply; 8+ messages in thread
From: Remy Blank @ 2006-09-20 9:00 UTC (permalink / raw
To: gentoo-user
Stefán István wrote:
> Okay, I think I have to use acl. I've read its documentation, and set up the
> following acl's:
>
> setfacl -m d:u::rw /home/stefi/kepek/
> setfacl -m d:g::rw /home/stefi/kepek/
> setfacl -m d:o::r /home/stefi/kepek/
>
> Now, if I create a file in this directory, it's permission will be 664 instead
> of the default 644. That's very good.
> But if I create a directory it's permissons also will be 664. But I want it to
> be 775. How can I achive this?
Use the following:
setfacl -m d:u::rwx,d:g::rwx,d:o::rx /home/stefi/kepek/
i.e. also give it a default execute permission.
-- Remy
Remove underscore and suffix in reply address for a timely response.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [gentoo-user] Re: permissions for a common folder
2006-09-20 9:00 ` Remy Blank
@ 2006-09-20 11:51 ` Stefán István
2006-09-20 12:52 ` Remy Blank
0 siblings, 1 reply; 8+ messages in thread
From: Stefán István @ 2006-09-20 11:51 UTC (permalink / raw
To: gentoo-user
szerda 20 szeptember 2006 11.00 dátummal Remy Blank ezt írta:
> Stefán István wrote:
> > Okay, I think I have to use acl. I've read its documentation, and set up
the
> > following acl's:
> >
> > setfacl -m d:u::rw /home/stefi/kepek/
> > setfacl -m d:g::rw /home/stefi/kepek/
> > setfacl -m d:o::r /home/stefi/kepek/
> >
> > Now, if I create a file in this directory, it's permission will be 664
instead
> > of the default 644. That's very good.
> > But if I create a directory it's permissons also will be 664. But I want
it to
> > be 775. How can I achive this?
>
> Use the following:
>
> setfacl -m d:u::rwx,d:g::rwx,d:o::rx /home/stefi/kepek/
>
> i.e. also give it a default execute permission.
Thanks, it works know, though I don't understand it.
István
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
* [gentoo-user] Re: permissions for a common folder
2006-09-20 11:51 ` Stefán István
@ 2006-09-20 12:52 ` Remy Blank
0 siblings, 0 replies; 8+ messages in thread
From: Remy Blank @ 2006-09-20 12:52 UTC (permalink / raw
To: gentoo-user
>> Use the following:
>>
>> setfacl -m d:u::rwx,d:g::rwx,d:o::rx /home/stefi/kepek/
>>
>> i.e. also give it a default execute permission.
>
> Thanks, it works know, though I don't understand it.
The default user, group and other ACLs of a directory are ANDed with the
mask passed to the open() or mkdir() call. For directories, the mode is
normally passed as 0777, so you end up with 0775 permission. For files,
the mode is usually passed as 0666, and so you get 664 permissions.
-- Remy
Remove underscore and suffix in reply address for a timely response.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2006-09-20 12:59 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-19 11:53 [gentoo-user] permissions for a common folder Stefán István
2006-09-19 12:15 ` [gentoo-user] " Remy Blank
2006-09-20 8:01 ` Stefán István
2006-09-20 9:00 ` Remy Blank
2006-09-20 11:51 ` Stefán István
2006-09-20 12:52 ` Remy Blank
2006-09-19 12:23 ` [gentoo-user] " Alan McKinnon
2006-09-19 12:31 ` Matteo Pillon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox