From: hw
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] local shared directory
Date: Sat, 23 Apr 2016 14:42:56 +0200

Neil Bothwick wrote:
> On Thu, 17 Mar 2016 18:38:56 -0400, Rich Freeman wrote:
>
>>> umask is just not viable either, as a) it's global and affects all
>>> files a user creates and b) by definition umask is modifiable by the
>>> user (it's a feature to help users out so they don't need to chmod
>>> every file every time) and c) you can't stop them doing it (by
>>> design).
>>
>> Actually, this is completely viable. Just set the default umasks to
>> 007, and create a new group for each user as their default group (and
>> don't have all their home directories be owned by some users group).
>> This is how this sort of situation was handled long before POSIX ACLs
>> became common, and I know that some distros behave this way by default
>> for this reason (this was the case in the distro I used right before I
>> switched to Gentoo).
>>
>> If users chmod a file then tell them not to. If you must, set up some
>> cron job to clean up after them.
>>
>> But, you can of course do this with ACLs as well. I haven't tried
>> setting those up personally.
>
> I've done this with ACLs in the past, which is why I suggested it, but
> it's a pain to set up if you haven't used them before. Alan's suggestion
> of using inotify is probably simplest. Install incrond and put something
> like this in a file in /etc/incron.d
>
> /shared/dir IN_CREATE,IN_MODIFY chmod g+w $#
>

PS: How about subdirectories? The users sharing the directory can create
and delete them as well, and files within them; yet incron ignores what
happens in subdirectories. Using 'chmod -R g+w $#' isn't very appealing,
and how safely does it handle file names?
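An added example, not part of the thread: one way to cover subdirectories is the periodic clean-up sweep Rich mentions, written here in Python. Names go straight to system calls with no shell in between, so spaces, newlines or a leading '-' in a file name are inert, and each entry is opened with O_NOFOLLOW so a symlink placed in the shared tree is never chmod-ed through. The script, the function names `sweep` and `fix_entry`, and running it from cron are assumptions; `/shared/dir` is the path from the quoted incron line.

```python
#!/usr/bin/env python3
"""Add group write to every regular file and directory below a shared tree."""
import os
import stat
import sys

SHARED_DIR = "/shared/dir"  # path taken from the thread; adjust as needed


def fix_entry(name, dir_fd, want=stat.S_IWGRP):
    """Add the `want` bits to one entry; return True if its mode changed."""
    # O_NOFOLLOW: refuse symlinks. O_NONBLOCK: never hang on a FIFO.
    flags = os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK | os.O_CLOEXEC
    try:
        fd = os.open(name, flags, dir_fd=dir_fd)
    except OSError:
        return False  # symlink, vanished meanwhile, or unreadable: skip
    try:
        st = os.fstat(fd)  # inspect the object we actually opened
        if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
            return False  # leave FIFOs, sockets and devices alone
        mode = stat.S_IMODE(st.st_mode)
        if mode & want == want:
            return False  # already group-writable
        os.fchmod(fd, mode | want)  # acts on the fd, not on a path
        return True
    finally:
        os.close(fd)


def sweep(top):
    """Walk `top` without following symlinks; return how many entries changed.

    `top` itself is left as the administrator configured it.
    """
    changed = 0
    # os.fwalk yields a directory fd, so names are resolved relative to the
    # directory that was really opened rather than to a re-parsed path.
    for _root, dirs, files, root_fd in os.fwalk(top):
        for name in dirs + files:
            if fix_entry(name, root_fd):
                changed += 1
    return changed


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else SHARED_DIR
    print(f"{sweep(target)} entries made group-writable under {target}")
```

The sweep only corrects modes after the fact; files stay non-writable for the group until the next run.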