Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can someone point me in the right direction. One of my Linux assignments is confusing the hell out of me. The assignment says I am not allowed to use ACL.
Group A) Has write access to the file
Group B) Has read access to the file
Group C) Has no permissions to the file
How can I assign all of these permissions to a file?
Thanks however, I already understand what commands and how they work. The problem I am having, is it does not make logical sense that this task can be completed.
There are three groups: group1 , group2 and group3. Each group has two users user1 and user2.
For this solution group1 has a file and needs rwx and group2 needs to just be able to read it. I dont' understand how this can work. I set the
group owner to group1 and the owner of the file to user1. So I would use chmod 774 fileA but this would also allow group3 to be able to read this file which is not allowed.
Can you help me figure out, how can you assign a group to a file that has read, yet have another group assigned to this file with no access. If I was going to do this my way, I would simply not put the user that should not access the file in the group. But this project requires three groups as described above.
Hey, I am also looking to an answer to this situation... how can you set permissions on a directory or file so that certain groups can do one thing and other groups can have other permissions such as only read?
bigred' You're quite correct. It can't be done using standard unix permissions. A file can belong to one owner and one group only. This is why ACLs were added.
Is it possible you're misunderstanding the requirement?
Nope, still not understanding. What are 'special' linux permissions?
Using standard UNIX permissions, GroupB would have to be granted read access to the directory via the 'others' permissions because the group permissions field would be needed for GroupA to be granted read/write, and going back to your first post that would also allow anyone else in, including groupC, which you said shouldn't have access to it.
Yep. And I agree bigred' if that is indeed what the assignment is asking for, then they might as well have asked you to "Cut down the largest tree in the forest with a herring!"
The only solution I could think of to get even anywhere near this is by using separate directories each with a hardlink to the same file, but it's ugly as hell and wouldn't work for a directory as you can't create hardlinks to a directory.
groupa would gain access to the file via directory 'groupa' and read/write access to the file via the 'group' permissions on the file itself.
groupb would gain access to the file via directory 'groupb' and read access to the file via the 'others' permissions on the file itself
groupc wouldn't be able to get into either directory at all.
The above is not at all practical in the real world and ACLs are the correct solution to this type of problem. I don't expect your assignment would be expecting a solution like this involving hardlinks though.
I'd love to know exactly what solution your teacher was expecting. Could it be a trick question? Perhaps you're meant to go back and say it can't be done.
Set the directory with the file to groupC and set the file to groupA now you have only to figure out the permissions.
Nice one whizje. I take my hat off to you.
Use of group permissions subtractively is not something you tend to see in the real world as it's really not all that practical or sensible a way to manage privileges. I'd forgotten it could be used that way.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.