From: Michael Orlitzky <mjo@gentoo.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: how to share a directory tree with files in it with multiple users (Re: [gentoo-user] local shared directory)
Date: Sat, 23 Apr 2016 11:12:56 -0400 [thread overview]
Message-ID: <571B90F8.6000301@gentoo.org> (raw)
In-Reply-To: <571B89E5.7060108@gc-24.de>
On 04/23/2016 10:42 AM, hw wrote:
>
> Has it become entirely impossible to share a directory tree and the
> files in it with multiple users when Linux is involved? This should be
> a very simple thing to accomplish.
>
It was never possible. It's ridiculous, but there it is. The UNIX
permissions model is too simple. ACLs were bolted on top, but most tools
retain legacy behavior with respect to group masks that breaks default
ACLs. You're seeing that same problem with your Samba share.
Filesystem permissions are one thing that Windows got right. There's
ongoing work to bring that model to Linux,
https://en.wikipedia.org/wiki/Richacls
but they're going to make the same mistake again[0] and allow the group
bits to act as a mask. That means mkdir, tar, cp, 7z -- anything that
tries to mess with group bits -- isn't going to work. They'll be DOA
just like POSIX ACLs were.
I think you can manage this with incron and POSIX ACLs. Instead of
running "chmod g+w", use sys-apps/apply-default-acl to reset the
permissions to the defaults that you set.
I wrote apply-default-acl to solve exactly this problem. You just need
to figure out a way to run it whenever things get screwed up. Which
means, whenever a file or directory is created.
[0] http://www.bestbits.at/richacl/man/richacl.7.txt
Changing the file mode permission bits:
When changing the file mode permission bits with chmod(1), the
owner, group, and other file permission bits are set to the
permission bits in the new mode... In addition, the masked and
write_through ACL flags are set. This has the effect of limiting the
permissions granted by the ACL to the file mode permission bits...
next prev parent reply other threads:[~2016-04-23 15:13 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-17 17:19 [gentoo-user] local shared directory hw
2016-03-17 18:11 ` Neil Bothwick
2016-03-17 19:32 ` [gentoo-user] " James
2016-03-17 20:59 ` [gentoo-user] " Alan McKinnon
2016-03-17 22:38 ` Rich Freeman
2016-03-17 23:10 ` Michael Orlitzky
2016-03-17 23:34 ` Neil Bothwick
2016-04-23 12:15 ` hw
2016-04-23 12:42 ` hw
2016-04-23 14:42 ` how to share a directory tree with files in it with multiple users (Re: [gentoo-user] local shared directory) hw
2016-04-23 15:12 ` Michael Orlitzky [this message]
2016-05-07 15:12 ` hw
2016-05-07 23:24 ` Alan McKinnon
2016-05-14 16:26 ` solved: " hw
2016-04-23 14:56 ` [gentoo-user] local shared directory Neil Bothwick
2016-05-14 16:23 ` hw
2016-05-14 22:43 ` Neil Bothwick
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=571B90F8.6000301@gentoo.org \
--to=mjo@gentoo.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox