LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 09-10-2009, 12:03 PM   #1
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296

Rep: Reputation: 30
Adding user to a secondary group ?


Hi,
If user1's main group is genetics and one wants to add him/her to group biochem and to assign biochem as his/her secondary group will the following suffice ?

Code:
$ sudo usermod -G biochem user1
I would like for user1 to have genetics as the main group but also belong to biochem. When user1 creates a file, as he/she belongs to main group genetics, I assume the file will be owned by user1 and group owner will be genetics. Ideally files created by user1 should be accessible to users in group genetics(when permissions are tweaked) but not by individuals in group biochem. However, any files with group owner biochem should be accessible to user1 as he/she does belong to biochem as a secondary group.
Would having user1 main group genetics, secondary group biochem fulfil this criteria ?

thanks
 
Old 09-10-2009, 12:06 PM   #2
vishesh
Member
 
Registered: Feb 2008
Distribution: Fedora,RHEL,Ubuntu
Posts: 660

Rep: Reputation: 66
You are right,
You can also use gpasswd command

root#gpasswd -a user1 biochem

At the mean time , if user belong to more than one group the group owner of files/directory created by user will be primary group. although you can change this temporarly by using newgrp command

user1@localhost$newgrp biochem

now whatever files/directory created group owner will be biochem


thnks

Last edited by vishesh; 09-10-2009 at 12:09 PM.
 
Old 09-10-2009, 12:16 PM   #3
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296

Original Poster
Rep: Reputation: 30
Thanks Vishesh,
I needed to clarify if the user's primary group would also be the group owner of any files/directories created so users from another group would not have access to the files unless permissions were explicitly set to allow them to do so.

thanks again,
uncle c
 
Old 09-10-2009, 06:03 PM   #4
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,289

Rep: Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034
Note that if you want to ensure security in personal dirs, but share files in groups, you can create a new dir owned by eg the 'group' user (eg chown grp1:grp1 gpr1share ) and set

chmod g+s

on the group dir. This forces all files created in the new dir to have the same group ownership automatically, regardless of who creates them.
Obviously all members need to have that group in their group list.
 
Old 09-11-2009, 05:01 AM   #5
vishesh
Member
 
Registered: Feb 2008
Distribution: Fedora,RHEL,Ubuntu
Posts: 660

Rep: Reputation: 66
dear
You are right. To set permission to specific group other than group owner you should use acl option.

thnks
 
Old 09-11-2009, 06:05 AM   #6
uncle-c
Member
 
Registered: Oct 2006
Location: The Ether
Distribution: Fedora 14, Ubuntu , Slax 5.1.8, OpenSolaris, Centos 4.8
Posts: 296

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by chrism01 View Post
Note that if you want to ensure security in personal dirs, but share files in groups, you can create a new dir owned by eg the 'group' user (eg chown grp1:grp1 gpr1share ) and set

chmod g+s

on the group dir. This forces all files created in the new dir to have the same group ownership automatically, regardless of who creates them.
Obviously all members need to have that group in their group list.
Thanks guys.
So chris you are basically saying create a third group called for example "science" and make this the secondary group for both genetics and biochem. In this way any private files with group ownership biochem would be protected from the prying eyes of genetics. If I follow your example will I also have to create a new user called "science" making sure the account has no login shell ?

Share directory is lifescience

$ chown science:science lifescience

$ chmod g+s lifescience

So everything created in the directory lifescience with have file owner as science and group owner as science. Both genetics groups and biochem groups will have science as their secondary group so biochem's private files will be safe from genetics as biochem is no longer genetics' secondary group ?

thanks
c

Last edited by uncle-c; 09-11-2009 at 06:07 AM.
 
  


Reply

Tags
group, ownership, secondary, user, usermod


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to remove a user from secondary group using command line iamjayanth Red Hat 2 07-10-2009 11:12 PM
adding a user to a group ekdya Debian 5 09-16-2006 01:51 PM
How to remove user from their secondary group? Akhran Linux - Newbie 2 09-13-2006 04:09 AM
create user with secondary group levis_inferno Linux - Networking 6 05-31-2006 12:33 AM
Adding user to a group onjoo Linux - Newbie 1 03-05-2006 06:23 AM


All times are GMT -5. The time now is 11:57 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration