Am 25.03.2010 09:50, schrieb Alan McKinnon:
> On Thursday 25 March 2010 10:26:25 Hinko Kocevar wrote:
>> Hi,
>>
>> Where is defined what permissions will the newly created folder/file
>> have by default?
> 
> This is done by the umask of the user creating the folder.
> 
> 
>>
>> Eg. When creating a folder I would like it to have permissions right
>> after it is created, to void use of chmod/chown afterwards:
>>
>> drwxrwxr-x 2 hinko users    4096 Mar 25 09:23 folder1
>>
>> while now I get only:
>> drwxr-xr-x 2 hinko users    4096 Mar 25 09:23 folder1
>>
>> That is group should have 'w' set.
> 
> 
> This is a common misunderstanding about permissions and the Unix philosophy 
> about them, which is:
> 
> It's up to the user, not the system, to say what permissions he wants on new 
> filesystem objects.
> 
> Modifing the user's umask is not advised, as this is global. *Every* new file 
> or dir then ends up with g+w and you probably don't want that.
> 
> You need to use Posix ACLs for this, and your file system and kernel must 
> support them; you configure it per directory. It's all in man pages and on 
> google - better start reading.
> 
> Be warned though: you *will* forget you set this, and *will* wonder in future 
> why g+w is set in various places. "ls" gives precious little clue that an ACL 
> is in place.
> 
> I find that in real life, a "find -exec chmod" in a cron is a better solution
> 

To avoid ACLs and still have group rw rights on some folders for
specific groups, you can make use of the 'user private group' scheme and
the setgid bit: [1].

Gentoo uses this scheme per default, although I think the umask setting
is different (has to be 002 or 007).

What Alan forgot to tell is where to set the umask: /etc/profile. Don't
use too strict settings because these are also applied to system
accounts. This can easily break your system.

[1]
http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/s1-users-groups-private-groups.html

Hope this helps,
Florian Philipp