Hi.


I just created a new user 'john' using this command: useradd -G developers john. So now john belongs to a group 'developers'.
i set john's umask to 0002 so that members of the group developers edit the files.

problem.
when john creates a file, it creates with 'john' as the owner and the group. thus it looks like this:

-rw-rw-r-- 1 john john 0 Sep 29 13:54 text.txt

Q? How can I set his account so that when he creates a file the file created belongs to the group developer instead of john. Eg.

-rw-rw-r-- 1 john developers 0 Sep 29 13:54 text.txt

The /etc/groups file reveals that 'john' does below to the group.
developers:x:503:marry,joel,mk,john

The /etc/passwd file reveals this information:
john:x:504:505::/home/john:/bin/bash

Finally issuing this command 'id john' gives me this:
uid=504(john) gid=505(john) groups=505(john),503(developers) context=user_u:system_r:unconfined_t

what am i doing wrong or what am not doing?!

thank you.

Ps. I am using RedHat linux.

I would suggest to set up or modify the john account so that it belongs to the developer group by default, unless you really need each account to have a group on it's own. This way the developer group would always be used for john's new files.

Never mind. I fixed it. Creating a user with '-G' screwed it up.

To fix it I had to do:

# usermod -g developers john

notice the '-g'.

Difference between primary and secondary groups...
Incidentally, to create a shared dir with that property, it's usually best to create a specific user & group, create the home dir, then chmod g+s on the home dir.
That will force all files created by the group members in that dir to be owned by the group id.
Not generally a good idea to allow others into your home dir.

agree to chris, make use of suid(the "g+s" option for chmod) on the dir which you want to share within the group

thank you for the valuable information you have posted.

Q? is it possible that by issuing the "#usermod -g developers john' command I am also allowing entry to the Home directory? How can I secure my Home directory so that no members of the group access it?

I am new so if you can provide a complete example would be very helpful.

Thanks you so much.

C

On a user's home dir, the ownerships that count (ignoring possible acls) are:

u=user (aka owner)
g=group

both taken from his entry in /etc/passwd
eg

ls -ld /home/john

drwxr-xr-x 9 john johns_primary_group 2048 Sep 28 08:34 /home/john

typically.

The drwxr-xr-x means

d = dir

rwx = user has rwx perms
r-x = user's group has r-x
r-x = other/world has r-x

you can remove world perms

chmod o= /home/john

When creating a separate shared group dir as described, you create a new dedicated user/group to own it, so its a different group from anyone's primary group.
Then add the reqd users to the share group.
man chmod, chown; see also chgrp, newgrp

HTH

Awesome! You guys are great.

Thank you.

C