|
|||||||||
| UNIX for Dummies Questions & Answers This forum is closed for new posts. Please post beginner questions to learn unix and learn linux in this forum UNIX for Beginners Questions & Answers |
unix and linux commands - unix shell scripting |
|
|
Thread Tools | Search this Thread | Display Modes |
|
#1
01-07-2009
- Original Discussion by StephenJH
|
||||
|
||||
|
two groups with permission on one directory
Hi, I have a directory that needs to be accessed by the members of two groups:
group1 needs rw access group2 needs only r access others should have no rights I must be missing something obvious, but I can't figure out how to do it! Any ideas? |
| Sponsored Links | ||
|
|
#2
01-08-2009
- Original Discussion by StephenJH
|
||||
|
||||
|
This is one of the major limitations of the standard Unix file permissions system. The only way I know of to achieve this using just one directory is to use ACLs (access control lists, see man getfacl/setfacl), but unfortunately these are not supported by all filesystems, or by all OS's and/or utilities... e.g. some backup software will not back them up. This is unfortunate because they are very useful for some other things, such as setting default permissions on files and subdirectories created in the directory. One other option you have is to use a structure like this: Code:
drwxr-x--- user1 group2 topdir
drwxrwsr-x user1 group1 subdir
-rw-r--r-- user1 group1 filesThen ensure that all members in group1 are also in group2 (but not the reverse, i.e. group2 is a superset of group1). That way a user in group2 can descend to the /topdir/subdir directory, wherein they effectively have read-only rights by virtue of the "other" attributes. Users in group1 can descend into that directory too because they are also members of group2, and can modify the files because of their group write access. Users in neither group can't even enter the /topdir so they can't access the files at all. You'll notice I have set the setgid bit on the subdir - this ensures all files in that directory are created with group1 ownership. You may also need to consider setting appropriate umasks for the process(es) that create files in this directory so that they are created as 664 instead of 644, i.e. umask 002. |
| Sponsored Links | ||
|
|
|
#3
01-08-2009
- Original Discussion by StephenJH
|
||||
|
||||
|
Thanks Annihilannic, your solution is clever!
|
| Sponsored Links | ||
|
|
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| how to display the permission of the home directory | nadman123 | Shell Programming and Scripting | 9 | 04-15-2008 06:09 AM |
| Problem about Fedora directory permission | zhouq3132 | Linux | 3 | 04-13-2008 02:28 AM |
| how to add permission of directory to a group | ahjiefreak | UNIX for Dummies Questions & Answers | 2 | 02-29-2008 03:20 AM |
| ssh home directory permission | shihabvk | UNIX for Advanced & Expert Users | 1 | 06-25-2007 09:10 PM |
| related to directory permission | mxms755 | UNIX for Dummies Questions & Answers | 1 | 04-06-2006 09:55 AM |
|
|
Linear Mode
