Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Hi,
If user1's main group is genetics and one wants to add him/her to group biochem and to assign biochem as his/her secondary group will the following suffice ?
Code:
$ sudo usermod -G biochem user1
I would like for user1 to have genetics as the main group but also belong to biochem. When user1 creates a file, as he/she belongs to main group genetics, I assume the file will be owned by user1 and group owner will be genetics. Ideally files created by user1 should be accessible to users in group genetics(when permissions are tweaked) but not by individuals in group biochem. However, any files with group owner biochem should be accessible to user1 as he/she does belong to biochem as a secondary group.
Would having user1 main group genetics, secondary group biochem fulfil this criteria ?
At the mean time , if user belong to more than one group the group owner of files/directory created by user will be primary group. although you can change this temporarly by using newgrp command
user1@localhost$newgrp biochem
now whatever files/directory created group owner will be biochem
Thanks Vishesh,
I needed to clarify if the user's primary group would also be the group owner of any files/directories created so users from another group would not have access to the files unless permissions were explicitly set to allow them to do so.
Note that if you want to ensure security in personal dirs, but share files in groups, you can create a new dir owned by eg the 'group' user (eg chown grp1:grp1 gpr1share ) and set
chmod g+s
on the group dir. This forces all files created in the new dir to have the same group ownership automatically, regardless of who creates them.
Obviously all members need to have that group in their group list.
Note that if you want to ensure security in personal dirs, but share files in groups, you can create a new dir owned by eg the 'group' user (eg chown grp1:grp1 gpr1share ) and set
chmod g+s
on the group dir. This forces all files created in the new dir to have the same group ownership automatically, regardless of who creates them.
Obviously all members need to have that group in their group list.
Thanks guys.
So chris you are basically saying create a third group called for example "science" and make this the secondary group for both genetics and biochem. In this way any private files with group ownership biochem would be protected from the prying eyes of genetics. If I follow your example will I also have to create a new user called "science" making sure the account has no login shell ?
Share directory is lifescience
$ chown science:science lifescience
$ chmod g+s lifescience
So everything created in the directory lifescience with have file owner as science and group owner as science. Both genetics groups and biochem groups will have science as their secondary group so biochem's private files will be safe from genetics as biochem is no longer genetics' secondary group ?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
