LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   how to share files and directory without group and world access (http://www.linuxquestions.org/questions/linux-general-1/how-to-share-files-and-directory-without-group-and-world-access-746300/)

Z038 08-09-2009 06:56 PM

how to share files and directory without group and world access
 
I want to set up a directory where users from different groups can share files. They all need to be able to view the directory contents, read or edit files, create new files, etc.

These users are in different groups. I don't want to grant world access to the directory or to the files. I want the other access bits set to 0 for the directory and all files created in it.

Is there any way to do this?

pljvaldez 08-10-2009 11:57 AM

Why don't you just create a new group for that directory and then only add those people who need it to the group?

Z038 08-11-2009 12:39 AM

I'm not sure I understand. These users already have a group association, each one different, and they need to remain part of their current group.

i92guboj 08-11-2009 01:20 AM

An user can belong to as many groups as you need. What you want is to create a new group, let's calle it "my_group", and then add all the relevant users to that group. Then make the following:

Code:

chown root:my_group /whatever/dir
chmod 770 /whatever/dir

If you are mounting something into that directory, then the ownerships and permissions might depend (or not) in the mount options, only for some fs's.

i92guboj 08-11-2009 01:26 AM

An user can belong to as many groups as you need. What you want is to create a new group, let's calle it "my_group", and then add all the relevant users to that group. Then make the following:

Code:

chown /whatever/dir root:my_group
chmod 770 /whatever/dir

If you are mounting something into that directory, then the ownerships and permissions might depend (or not) in the mount options, only for some fs's.

vishesh 08-11-2009 01:29 AM

You know there is concept of primary and seconday group, a user can belong to one primary but many seconday group. Create a group for that folder, and make users member of that group. Make that group owner of that folder and assign SGID bit to that folder.

#groupadd <nameofgroup>
#chown root:<nameofgroup> path to folder
#chmod g+s <path to folder>
#gpasswd -a <nameofuser> <nameofgroup>
#gpasswd -a <nameofuser> <nameofgroup>
...
Thanks

Z038 08-11-2009 08:54 PM

Thank you. I must be doing something wrong though, because it doesn't seem to work. The users still get permission denied.

Code:

sar@batcave:/home$ id -a
uid=1002(sar) gid=103(r) groups=7(lp),11(floppy),17(audio),18(video),19(cdrom),83(plugdev),93(scanner),103(r),222(share01)

sar@batcave:/home$ cat /etc/group | grep share01
share01:x:222:sar,fcv,rxf

sar@batcave:/home$ ls -al
...
drwxr-s--- 10 root share01  4096 2007-07-11 03:58 share/


sar@batcave:/home$ cd share
sar@batcave:/home/share$ touch x.y
touch: cannot touch `x.y': Permission denied


vishesh 08-11-2009 11:40 PM

Your group doesn't seem to have write permission
use
:/home$chmod 775 share

thanks

Z038 08-11-2009 11:49 PM

That did it. I don't know how I managed to overlook that. Thank you vishesh.


All times are GMT -5. The time now is 01:02 PM.