Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Setting Directory/File permissions???

Skip to first unread message

ACid.

unread,
Dec 17, 2001, 1:31:49 AM12/17/01
to
Ok here is my problem. I have some users that belong to several
different groups (nothing big there). Between them they have a folder
that is used to store files that they all work on. This folder and all
the files need to be owned by the desired group and set with rw for the
group. The problem is that the group is not there default group so when
the files are created they are created with the umask for the user and
main group which is rw for owner and r for group. I'd like the files created
in this folder to be created with rw for owner and group. Is there
anyway to control umask settings on the directory basis so that if files
are created in there home directory (anywhere but in the "special
folder") that they take on default create permissions and then if a file
is created in the "special folder" that they are created with rw for the
owner and rw for the group?

ACid.

Laurent-jan

unread,
Dec 17, 2001, 1:18:27 PM12/17/01
to

"Michael Vilain " wrote:

> In article <pjgT7.1600$gk1.1...@typhoon.columbus.rr.com>,

> You didn't post the OS or version of your OS, so I'll answer as if
> you're running SUN's Solaris. You can apply a default ACL and user ACL
> on the directory so that people in the ACL can write into it and the
> default ACL will set the default permissions for files created in it.
> It need not rely on the standard UNIX groups. See the setfacl and
> getfacl man pages.
>
> If you're running a variant of UNIX which doesn't implement ACLs this
> way, you'll have to put everyone in a group which has write access to
> the directory and require users to use the shell command "newgrp" prior
> to accessing the directory. Or you can put everone in the same group in
> /etc/passwd and they'll all have access.
>
> Without ACL's, you'll have to rethink what you're trying to do and
> figure out another way. It can't be done without them as you described.
>


On AIX you'd set the SGID-bit on your directory. I'm currently at home,
so I can't verify any other UNIX (though my little linux acts the same
way). That should take care of your creation-group problem.

If this happens a lot at your site, you may want to rethink your
umask-strategy. The risks of introducing a umask of 007 may not be
so enormous. But this, of course, may be different at your site.


--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
(c) ljm @ xs4all . nl. No part of this copyright message may be
reproduced, read or seen, dead or alive or by any means, including
but not limited to telepathy without the benevolence of the author.

Doug Freyubrger

unread,
Dec 17, 2001, 6:49:20 PM12/17/01
to
Laurent-jan wrote

> ACid wrote:
>
> > Ok here is my problem. I have some users that belong to several
> > different groups (nothing big there). Between them they have a folder
> > that is used to store files that they all work on. This folder and all
> > the files need to be owned by the desired group and set with rw for the
> > group. The problem is that the group is not there default group so when
> > the files are created they are created with the umask for the user and
> > main group which is rw for owner and r for group. I'd like the files created
> > in this folder to be created with rw for owner and group.
>
> On AIX you'd set the SGID-bit on your directory. I'm currently at home,
> so I can't verify any other UNIX (though my little linux acts the same
> way). That should take care of your creation-group problem.

True on Solaris as well. It is called SysV vs BSD file ownership semantics.
According to the man pages on HP-UX, it does not appear to be an option there.

ACid.

unread,
Dec 17, 2001, 10:37:46 PM12/17/01
to
Sorry, the OS is Solaris

Setting the SGID on the directory works somewhat. The group is set
correctly but the permissions are still that of the main group not
"special group".

This situation is a special case and will not be a common occurance so I
just need to figure out a temp fix for now. What seems to look as the
best fix would be the use of ACLs.

Thanks for all the help...

ACid.

Rev. Don Kool

unread,
Dec 17, 2001, 11:13:33 PM12/17/01
to
ACid. wrote:

> Sorry, the OS is Solaris
>
> Setting the SGID on the directory works somewhat. The group is set
> correctly but the permissions are still that of the main group not
> "special group".
>
> This situation is a special case and will not be a common occurance so I
> just need to figure out a temp fix for now. What seems to look as the
> best fix would be the use of ACLs.
>
> Thanks for all the help...


ACid, by all means set the SGID so that at least the group is always
correct. To avoid the complexity of ACLs and the lax security of
setting a more open "umask", set a "cron" job up to do a "chmod -R" to
the directory every five minutes or so. Depending on how dynamic the
changes are in that directory, this kludge might do it for you. A few
years ago I had a similar situation with a group of users and a
once-every-30-minutes "cron" had the users buying me lunch. It's not
elegant but it can work out great depending on the situation.

Hope this helps,
Don


--
*********************** You a bounty hunter?
* Rev. Don McDonald * Man's gotta earn a living.
* Baltimore, MD * Dying ain't much of a living, boy.
*********************** "Outlaw Josey Wales"

0 new messages