LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-12-2006, 08:45 AM   #1
stuffedcat
LQ Newbie
 
Registered: May 2005
Posts: 11

Rep: Reputation: 0
script on log-out to alter file permissions


Hi,

I've installed Linux (edubuntu) with 4 users and assigned them all to a group. What I'd like to do is as well as each user's home directory is to have a shared directory which all users within the group has read/write privilages on everything in that directory. After doing some googling on the subject (I'm predominantly from a Windows/VMS background) it would appear that this isn't as easy as I'd like it to be. So what I thought would be a reasonable soution to this would be to create some kind of script that would run when a user logs out which would scan the directory/subdirectories of the shared directory and any file which didn't have group read/write access, to chmod them.

However, I haven't the faintest idea of where to start with this! Could anyone give me any help with this? Or pointers to any on-line documentation that might be of use?
 
Old 06-12-2006, 08:48 AM   #2
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 332Reputation: 332Reputation: 332Reputation: 332
If you are using the bash shell, the '.bash_logout' script is run when a user logs out.
 
Old 06-12-2006, 10:18 AM   #3
timmeke
Senior Member
 
Registered: Nov 2005
Location: Belgium
Distribution: Red Hat, Fedora
Posts: 1,515

Rep: Reputation: 61
It isn't difficult, it's just not practical and unnecessary in many cases

Let me explain:
Say you have a directory called "X" under your root directory "/", so "/X" and it's owned by the group to which your 4 users belong (see chown/chgrp/chmod). Let's assume that this group is called "theGroup".
Let's also assume that all users have access to the directory and that group permission says "read-write".

Directory permissions, in general, mean the following (which is slightly different from file permissions):
* read = read the contents of the directory
* write = add/move/delete files in the directory. Note also that "move" implies "rename".
* execute = possibility to search "through" the directory, ie to access the files in the directory, to go into subdirectories, etc.

Hence, in your case, you'll need read/write/execute permission for "theGroup" on /X.

The problem you were having is that, whenever one of your users creates a file in the directory, the other users may not have sufficient file permissions to use that file.
This problem can obviously be fixed by changing the file permissions. However, "chmod"ing the file isn't the only option.
Any of the other users can actually use "mv" to rename the file and thus becomes it's owner. In doing so, he/she can gain access to the file.
So, by using the directory permissions, you can still obtain file access, regardless of file permissions.

But this is still somewhat "unpractical".
Here are a few tips to make things easier:
-put the setGID permission bit on the directory "X". This will make any newly created files in the directory owned by the group "theGroup".
-default file permissions, used when a user creates a file and doesn't set the permissions explicitly (ie via chmod), are governed by umask settings. You can play around with these settings to make the default file permissions allow read/write access for the group, for instance. This will make most of the files accessible to the entire group.

The "lazy" solution, for instance doing "chmod 770 /X/*" or "chmod 777 /X/*" will of course also work, but is a questionable approach. Think about, for instance, what happens if 2 users are working on the same system at the same time. User A will create a file and continues to work without logging out. Hence, your chmod will not get run automatically. User B, who wants to access the file created by A in /X, thus may not have access until A logs out...

If you really want to force this, you could put the "chmod" command in a cron job, which executes for instance every 5 minutes. But needless to say, this may slow down your system a little.

There are more advanced solutions, like mount options, too, but I don't want to go into too much detail.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to create log file from script fotoguy Programming 12 03-27-2012 07:39 AM
Script to create a log file satimis Programming 15 01-16-2006 07:39 AM
Log file permissions mikeyt_333 Linux - General 2 12-16-2004 12:15 PM
How do I alter folder access permissions-Suse 9.1? Fenster Linux - Newbie 2 07-29-2004 07:22 PM
NTFS- cannot alter permissions of files, only folders tomranson Linux - General 2 10-19-2003 04:27 AM


All times are GMT -5. The time now is 09:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration