Create a shared folder using acl
Post 302996468 by jcdole on Wednesday 26th of April 2017 01:37:56 PM
Quote:
Originally Posted by Corona688
You can do that with just chmod, ACL's not needed. Set the folder U+S, just like they do on /tmp/, and you will only be able to delete your own files. G+S has a different meaning, it forces the group of created files to be the same group as the directory.

[edit] Jim already suggested this a week ago.
As I have already said, that does not do what I want.

Using G+S in PUBLIC SHARED FOLDER
a) deletion of not owned files forbidden : OK
b) creation in user's folder : OK
c) creation in other user's folder : OK
d) editing files owned by others in its own user's folder : KO access denied
e) editing files owned by others in any other folder ( owned or not owned ) : KO access denied

files are marked as
user::rw-
group::r--
other::r--

My test script in pseudo code :
Code:
chown -R publicuser:publicuser $A_PUB_FOLDER
chmod u+s $( find $A_PUB_FOLDER -type d )


test script : acl_sample_11.sh
see details : SUSE Paste


su to root

for each public folder
step 1 remove all acl
step 2 remove all files and subdirectories
step 3 create $A_PUB_FOLDER
step 4 chown -Rv publicuser:publicuser $A_PUB_FOLDER
        chmod -v 0770 $( find $A_PUB_FOLDER -type d )
        chmod -v u+s $( find $A_PUB_FOLDER -type d )

step 5 if $A_PUB_FOLDER == $A_SPECIFIC_PUB_FOLDER
    step 5-a  create another subfolder $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER
    step 5-b
        chown -Rv publicuser:publicuser $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER
        chmod -v 0770 $( find $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER -type d )
        chmod -v u+s $( find $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER -type d )
step 7 for some user in list
    step 7-a
        create sub folder $A_PUB_FOLDER/$A_USER
    step 7-b
        chown -Rv publicuser:publicuser $A_PUB_FOLDER/$A_USER
        chmod -v 0770 $( find $A_PUB_FOLDER/$A_USER -type d )
        chmod -v u+s $( find $A_PUB_FOLDER/$A_USER -type d )
step 8
    step 8-a su to user1 ; create test file in $A_PUB_FOLDER/user1
    step 8-b su to user2 ; create test file in $A_PUB_FOLDER/user2
    step 8-c as user2 ; create test file in $A_PUB_FOLDER/user1

step 9
print acl for user1 and user2
Code:
MY-SERVER-LINUX:~ # getfacl /d_pub_folder
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder
# owner: publicuser
# group: publicuser
# flags: s--
user::rwx
group::rwx
other::---

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test1
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test1
# owner: publicuser
# group: publicuser
# flags: s--
user::rwx
group::rwx
other::---

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test1/*
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test1/test_user_test1_03.txt
# owner: user_test1
# group: users
user::rw-
group::r--
other::r--

# file: d_pub_folder/user_test1/test_user_test2_04.txt
# owner: user_test2
# group: users
user::rw-
group::r--
other::r--

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test2
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test2
# owner: publicuser
# group: publicuser
# flags: s--
user::rwx
group::rwx
other::---

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test2/*
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test2/test_user_test2_03.txt
# owner: user_test2
# group: users
user::rw-
group::r--
other::r--

=+=+=+=+=+=+=+=+=+=+=+=+=+=

Quote:
Originally Posted by jim mcnamara
Try using the sticky bit, like the way the /tmp directory is set up.
Apply the sticky bit to all directories, and set ownership of them to publicuser.
ACLs will work but are complex, as you found.

Example:
Code:
chown -R publicuser:publicuser $A_PUB_FOLDER
chmod 1770 $( find $A_PUB_FOLDER -type d )

does not work
same comments as above.

My script in pseudo code :
Code:
chown -R publicuser:publicuser $A_PUB_FOLDER
chmod 1770 $( find $A_PUB_FOLDER -type d )



test script : acl_sample_10.sh
see details : SUSE Paste

su to root

for each public folder
step 1 remove all acl
step 2 remove all files and subdirectories
step 3 create $A_PUB_FOLDER
step 4 chown -Rv publicuser:publicuser $A_PUB_FOLDER
        chmod -v 1770 $( find $A_PUB_FOLDER -type d )
step 5 if $A_PUB_FOLDER == $A_SPECIFIC_PUB_FOLDER
    step 5-a  create another subfolder $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER
    step 5-b
        chown -Rv publicuser:publicuser $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER
        chmod -v 1770 $( find $A_SPECIFIC_PUB_FOLDER/SOME_FOLDER -type d )
step 7 for some user in list
    step 7-a
        create sub folder $A_PUB_FOLDER/$A_USER
    step 7-b
        chown -Rv publicuser:publicuser $A_PUB_FOLDER/$A_USER
        chmod -v 1770 $( find $A_PUB_FOLDER/$A_USER -type d )
step 8
    step 8-a su to user1 ; create test file in $A_PUB_FOLDER/user1
    step 8-b su to user2 ; create test file in $A_PUB_FOLDER/user2
    step 8-c as user2 ; create test file in $A_PUB_FOLDER/user1

step 9
print acl for user1 and user2
Code:
MY-SERVER-LINUX:~ # getfacl /d_pub_folder
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder
# owner: publicuser
# group: publicuser
# flags: --t
user::rwx
group::rwx
other::---

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test1
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test1
# owner: publicuser
# group: publicuser
# flags: --t
user::rwx
group::rwx
other::---

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test1/*
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test1/test_user_test1_03.txt
# owner: user_test1
# group: users
user::rw-
group::r--
other::r--

# file: d_pub_folder/user_test1/test_user_test2_04.txt
# owner: user_test2
# group: users
user::rw-
group::r--
other::r--

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test2
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test2
# owner: publicuser
# group: publicuser
# flags: --t
user::rwx
group::rwx
other::---

MY-SERVER-LINUX:~ # getfacl /d_pub_folder/user_test2/*
getfacl: Removing leading '/' from absolute path names
# file: d_pub_folder/user_test2/test_user_test2_03.txt
# owner: user_test2
# group: users
user::rw-
group::r--
other::r--

Any help is welcome
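
An added example, not part of the original post or the poster's script: a small evaluator for the base entries of `getfacl` output, run on two entries from the sticky-bit listing above, showing which permission class decides the "deletion forbidden" and "editing denied" results. The function names `parse_getfacl`, `perms_for` and `access`, and the group memberships passed in, are assumptions.

```python
import re
# Constructed sample: two entries trimmed from the sticky-bit (--t) listing in the post.
SAMPLE = """\
# file: d_pub_folder/user_test1
# owner: publicuser
# group: publicuser
# flags: --t
user::rwx
group::rwx
other::---

# file: d_pub_folder/user_test1/test_user_test1_03.txt
# owner: user_test1
# group: users
user::rw-
group::r--
other::r--
"""

def parse_getfacl(text):
    """Map each '# file:' path to its owner, group, flags and base ACL entries."""
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        e = {"flags": "---"}  # getfacl prints no flags line when no special bit is set
        for line in block.splitlines():
            head = re.match(r"# (file|owner|group|flags): (.+)", line)
            perm = re.match(r"(user|group|other)::([rwx-]{3})", line)
            if head or perm:
                key, val = (head or perm).groups()
                e[key if head else "perm_" + key] = val.strip()
        if "file" in e:
            entries[e["file"]] = e
    return entries

def perms_for(e, user, groups):
    """Pick the one class that applies: owner, else owning group, else other."""
    cls = "user" if user == e["owner"] else "group" if e["group"] in groups else "other"
    return e["perm_" + cls]

def access(d, f, user, groups):
    """Return (can_edit, can_delete) for user on file f inside directory d."""
    dp = perms_for(d, user, groups)
    owner_ok = d["flags"][2] != "t" or user in (f["owner"], d["owner"])  # sticky rule
    may_unlink = "w" in dp and "x" in dp and owner_ok  # unlink needs w+x on the directory
    return "w" in perms_for(f, user, groups), may_unlink

if __name__ == "__main__":
    d, f = parse_getfacl(SAMPLE).values()  # directory first, then the file in it
    print(access(d, f, "user_test2", {"users", "publicuser"}))  # memberships assumed
```

It covers only the base `user::`, `group::` and `other::` entries that appear in the listings; named ACL entries and the mask are not evaluated.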
 
