Group Permissions not working when using WinSCP

Drokare · 04-03-2008, 10:40 PM

I have a linux server that a group of Developers use for our Webpage.

I created a Group called dev and all the developers are in this group, I also made sure the dev was the default group in the /etc/passwd for those users.

I made sure that the all the files in the directory have the group set to dev and I made sure the files all had rw for the group. I have also made sure the default umask in the /etc/bashrc is set to 002 so that any new file created is automatically set to group dev and the rights default to rw-rw---.

Now I am on my Windows machine I use WinSCP to remote into the server, I drill down to the directory /var/www/html/ and copy over a file I modified locally, if the user is set to me, no problems, but if the user is set to another, I get access denied. yet I am a member of the dev group and the file has rw-rw---- so group has permission.

Am I missing something? Also the server is Fedora 5.

Thanks in advance..

gilead · 04-03-2008, 11:36 PM

What are the permissions on the directory where the files are being placed? It should belong to the dev group as well and the permissions should be rws - you may need to run chmod g+ws /var/www/html

There's also some useful info on directory permissions here

Drokare · 04-08-2008, 02:38 AM

I think I may have found the issue, as the files themselves are owned by individuals. When overwriting the files it deletes the old one then creates the new one, and even though they are members of the group that have rwx(read, write, execute) on the files, the OS will not allow another group member to delete the file, only modify it...

At least that seems to be the issue I am seeing.

For example. User joe is a member of Group dev and User rob and bob are also members of Group dev.

joe has created a number of files for a website.

so we have the following;

/var/www/html/website
All the files in the website directory have the following rights;
-rw-rwxr-- joe dev about.html
-rw-rwxr-- joe dev contact.html
-rw-rwxr-- joe dev index.html

And the Directory has website has the following rights;
drwxrwxr-x joe dev website

Now bob has updated the the index.html, contact.html, and about.html. He has sftp into the linux server and attempts to overright the existing files, now he will get Access Denied. Even though bob is in the dev group and under the /etc/passwd his default group is dev.

So if bob creates a new file in the website, this from using sftp or I guess I should say copying a new file into the server these are the permissions that are shown when doing a ls -al

-rw-rwxr-- joe dev about.html
-rw-rwxr-- joe dev contact.html
-rw-rwxr-- joe dev index.html
-rw-rwxr-- bob dev test.html

As you can see the default group is dev for bob also and the dev group has full access to all the files in this directory.

I just can not find out how to get around this???? the only idea is to create another user that is ownership of the website files and we developers have to login as that user to overright/update the pages, but to track changes this makes more of a pain to see who actually made the changes for auditing or whatever....

I really hope this makes more sense.... and someone can explain why the group can not make the necessary changes. At this time we need to ssh in and chown the files to who ever is needing to update the files then use the sftp to place them on there. Then the next developer if they have made newer changes needs to then chown the files to him so he can make the changes. Problem is we have three developers that are not linux savvy, I and the other have to make the changes first for them in there directories they are working in....

There has to be something I am missing.