LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 06-24-2009, 05:49 PM   #1
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Rep: Reputation: 15
Trouble setting up User Private Group(UPG) in RHEL5


Hello,

I am trying to setup a UPG as explained on this page,

http://www.centos.org/docs/2/rhl-rg-...te-groups.html

Lets say that I have a folder called "html", a group called "coders", and 2 users named "user1" and "user2." Heres what I did.

I setup the coders group, and added user1 and user2 to that group. When I check the group file I see the following for coders group,

<coders:x:501:user1,user2>

Next I changed all files and folders under the html folder to have the owner of root, the group of coders, and the permissions with the GID sticky bit set,

<chown -R root.coders html>
<chmod -R 2775 html>

Now, if I open up an FTP program like winscp and create a file under the html folder with user1, the permissions on the file are this,

<-rw-rw-r-- 1 user1 coders 5 Jun 24 15:45 test.php>

The sticky bit is gone, and user2 cannot overwrite this file or delete it. I want to set it up so that every user in the "coders" group will have full permissions to all folders and files under the "html" folder. What am I doing wrong? Thanks in advance for any help.

Metropolis
 
Old 06-24-2009, 07:35 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,666
Blog Entries: 54

Rep: Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952
Welcome to LQ, hope you like it here.

Quote:
Originally Posted by Metropolis View Post
What am I doing wrong?
0) you're using the Red Hat Linux 7.2 reference, 1) please have a look at ACL instead?
 
Old 06-25-2009, 10:08 AM   #3
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Hi unSpawn, thank you for the reply.

So are you saying that I need to install ACL in order to fix this problem? Or is there another way? I dont really know alot about the different linux file systems and I dont know anything about this ACL either.

Metropolis
 
Old 06-25-2009, 10:30 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,666
Blog Entries: 54

Rep: Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952
I'm saying that UPG, novel as it may have been at the time, has its uses. Given how managing groups can get unwieldy I suggested ACLs as that's what most of these types of questions (should) end up with. That you know nothing of "different linux file systems" or ACL can be easily repaired by reading the documentation and examples there and search LQ for threads on ACL. I hope you will conclude it is versatile and easy to set up, use and manage.
 
Old 06-25-2009, 12:26 PM   #5
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Hi unSpawn,

I was reading http://oss.sgi.com/projects/xfs/ and read this,

POSIX Access Control Lists (ACLs)

XFS supports the ACL semantics and interfaces described in the draft POSIX 1003.1e standard.


What im wondering is, if I install the XFS filesystem, will that take care of this ACL problem also?

The current kernal im running is 2.6.18-128.1.14.el5xen, and the df -T command gives me this for my filesystem,

Filesystem Type 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
ext3 111477424 4243260 101480104 5% /
/dev/sda1 ext3 101086 28122 67745 30% /boot
tmpfs tmpfs 905552 0 905552 0% /dev/shm
none tmpfs 905464 104 905360 1% /var/lib/xenstored

Im not spectacular with linux so im sorry if im not understanding how to do this. Thanks again for all your help.


Metropolis
 
Old 06-25-2009, 06:09 PM   #6
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Question

Ok I think I have figured out my problem. Since im not "spectacular" with linux, I did not really know what ACL is, and I did not know that it is already built into the system. Now that I have figured that out I should be able to find the answers I needed. Thanks again for all your help unSpawn. I will post again later if I still have more questions.


Metropolis
 
Old 06-26-2009, 11:28 AM   #7
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Still not working

Im using ACL now and im running into the same problems. It seems like no matter what permissions I put on a file or folder for the group, it only allows me to alter the file if it is the owner altering it.

Heres what im doing. I put a default ACL on the html folder like this,

Code:
setfacl -R -d -m g:coders:rwx html
Code:
getfacl html 

Produces:
# file: resources
# owner: root
# group: coders
user::rwx
group::rwx
mask::rwx
other::r-x
default:user::rwx
default:group::rwx
default:group:coders:rwx
default:mask::rwx
default:other::r-x
Then I also gave all permissions to the coders group like this,

Code:
setfacl -R -m g:coders:rwx html
Now when I logon using winscp I am able to create a file with user1 or user2, but I cannot create a file with user1, and then overwrite that file with user2. Which does not make any sense to me.

Metropolis
 
Old 06-28-2009, 11:18 AM   #8
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Nobody can help me on this? Seems like it should be an easy fix.....
 
Old 06-29-2009, 05:08 PM   #9
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,666
Blog Entries: 54

Rep: Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952
Maybe it's something with how WinSCP handles things? Does it test OK when using local user accounts?
 
Old 06-30-2009, 12:15 PM   #10
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Hmmm Interesting......

It seems as though it is uploading fine in filezilla. So maybe the problem is WinSCP.....I just did not think that there would be any difference between the two. Here is the error that WinSCP gives me.

Code:
Permission denied.
Error code: 3
Error message from server: Permission denied
Request code: 9
Do you think I should just ditch WinSCP??
 
Old 06-30-2009, 12:20 PM   #11
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Something else

Actually, I now realized that WinSCP is actually uploading it fine....Im just getting an error about the permissions, and im having to hit the abort key. Strange.....Maybe FileZilla just knows that this does not matter because it knows the permissions are correct due to the ACL.
 
Old 06-30-2009, 12:35 PM   #12
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,666
Blog Entries: 54

Rep: Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952
Would be interesting to run this by the WinSCP people I think.
 
Old 06-30-2009, 03:19 PM   #13
Metropolis
LQ Newbie
 
Registered: Jun 2009
Posts: 21

Original Poster
Rep: Reputation: 15
Thanks alot for your help unSpawn...You got me thinking about things that could possibly be the problem , which helped out alot.

Metropolis
 
Old 06-30-2009, 06:00 PM   #14
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,666
Blog Entries: 54

Rep: Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952Reputation: 2952
NP, you're welcome. Do let us know if there's anything WinSCP-wise or if you want to troubleshoot this a bit more.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting a group to which all user should belong to. krzysiek Linux - Newbie 2 07-29-2008 06:32 AM
why rhel4 samba "user security" setting diffrence with rhel5? hocheetiong Linux - Newbie 0 12-21-2007 01:31 AM
To apply acl for two diffrent user,group in RHEL5,Squid 2.6 mbnaik Linux - Enterprise 0 10-01-2007 11:27 AM
I'm having trouble setting up a new user, especially the password donJulio Slackware 8 08-09-2006 03:59 AM
Two Questions: autologin to X, and setting the adding a user to a group. Cobra133 Slackware 8 06-01-2004 03:43 PM


All times are GMT -5. The time now is 05:15 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration