LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   Frustrated, file permissions sharing files (https://www.linuxquestions.org/questions/linux-general-1/frustrated-file-permissions-sharing-files-310931/)

sporks 04-07-2005 09:23 PM

Frustrated, file permissions sharing files
 
I've set up an account for my wife on our home computer since she doesn't care for Enlightenment or whatever other flavor of the week I'm using for my desktop.

I thought it would be simple enough to set up shared files since there are some that both of us, such as our checkbook, write too.

I looked over the tutorial here. Followed it, least I think I did. No dice. I'm in the group I created, she's in the group I created but I still can't write the file. I can read it but can't save changes even though the write permissions for the group are turned on for the file and directories it's in.

I did at one time have it so I could save it. But soon as one of us saved it the write permission for the group dissapeared and the other couldn't write to the file. :?

Any suggestions what I'm doing wrong or need to do?

Tinkster 04-07-2005 10:06 PM

What are the ownerships on the file, and what are
ownerships/permissions on the directory that the file
lives in?
It's always easier to help with more detailed info...



Cheers,
Tink

blue penguin 04-07-2005 10:07 PM

Who ownes the directory it's in? Maybe that's your problem.

I just created a directory called allusers in the home directory as root, changed the group to users, and changed the permissions so that the group had write access, checking with ls -l along the way that everything was as it should be.
Code:

Aiolos:/home# mkdir allusers
Aiolos:/home# ls -l
total 68
drwxr-sr-x  2 root  staff  4096 2005-04-08 14:27 allusers
[...]
Aiolos:/home# chown root:users allusers
Aiolos:/home# ls -l
total 68
drwxr-sr-x  2 root  users  4096 2005-04-08 14:27 allusers
[..]
Aiolos:/home# chmod g+w allusers/
Aiolos:/home# ls -l
total 68
drwxrwsr-x  2 root  users  4096 2005-04-08 14:27 allusers
[...]

then I created a file in /home/allusers as myself (ja) and changed the permissions so that the group had write access.
Code:

ja@Aiolos:/home/allusers$ touch file1
ja@Aiolos:/home/allusers$ ls -l
total 0
-rw-r--r--  1 ja users 0 2005-04-08 14:55 file1
ja@Aiolos:/home/allusers$ chmod g+w file1
ja@Aiolos:/home/allusers$ ls -l
total 0
-rw-rw-r--  1 ja users 0 2005-04-08 14:55 file1

then I edited it a couple of times with different users but the permissions didn't seem to change and no one had access problems.

I hope this helps :)

Cheers,
-Jessica

Dark_Helmet 04-07-2005 10:30 PM

First thing:
If you add yourself to a group, then you need to completely log out before your user will be recognized as a member of that group. This only applies if you were logged into X as a normal user, and then su'ed to root to make the new group and change permissions. When I say log out completely, I mean log out of X entirely. Opening a new terminal will not work.

Second thing:
Check the umask value of you and your wife's account. You should be able to see it in ~/.bash_profile. If no umask command is there, then check /etc/profile. If your umask is set to 022 (which seems to be the standard setting), then that might be th cause of your checkbook file problems. If the application you use deletes the checkbook, then creates a new one when you save it, then your umask comes into play. This would be very, very odd behavior, but I've seen stranger things. Regardless, the umask will be applied whenever you create new files anyway. You may consider changing it to 002.

Third thing:
There's something blue penguin did that she didn't mention. Look closely at the permissions of the directory created:
Code:

drwxrwsr-x  2 root  users  4096 2005-04-08 14:27 allusers
The thing to notice is the 's' character. That indicates the "setgid" bit is set. When that bit is set (I'll mention how later), all files created in the directory belong to the same group the directory itself belongs to. In other words, creating a file in the allusers directory will automatically belong to the "users" group, because the allusers directory belongs to the users group. As promised, the command to set that bit is:
Code:

chmod 2775 allusers
That command is equivalent to setting up a directory exactly as blue penguin setup her allusers directory. Any files already in the directory will need to be manually changed to belong to the appropriate group if they aren't already.

blue penguin 04-09-2005 12:54 AM

Quote:

Originally posted by Dark_Helmet

There's something blue penguin did that she didn't mention. Look closely at the permissions of the directory created:
Code:

drwxrwsr-x  2 root  users  4096 2005-04-08 14:27 allusers
The thing to notice is the 's' character. That indicates the "setgid" bit is set. When that bit is set (I'll mention how later), all files created in the directory belong to the same group the directory itself belongs to. In other words, creating a file in the allusers directory will automatically belong to the "users" group, because the allusers directory belongs to the users group.

Wow that's interesting! I hadn't even noticed that s there. I just thought that any files a user creates are set the group id of the group the user is working as at the time, which in this case has to be the users group.

but this setgid is cool it's like having GPLed folder!

Cheers,
- Jessica

sporks 04-09-2005 07:39 AM

Good suggestions here.

I'll sort though 'em and see what I can do.

I did create another directory called shared. Can't remember though, think that one of the users was the owner not root.

Thanks!

sporks 04-09-2005 08:19 AM

Quote:

Originally posted by Dark_Helmet
[B]First thing:
If you add yourself to a group, then you need to completely log out before your user will be recognized as a member of that group. This only applies if you were logged into X as a normal user, and then su'ed to root to make the new group and change permissions. When I say log out completely, I mean log out of X entirely. Opening a new terminal will not work.

Second thing:
Check the umask value of you and your wife's account. You should be able to see it in ~/.bash_profile. If no umask command is there, then check /etc/profile. If your umask is set to 022 (which seems to be the standard setting), then that might be th cause of your checkbook file problems. If the application you use deletes the checkbook, then creates a new one when you save it, then your umask comes into play. This would be very, very odd behavior, but I've seen stranger things. Regardless, the umask will be applied whenever you create new files anyway. You may consider changing it to 002.

Ah, so I wasn't crazy. I did everything correctly it was the umask value, I was previously unaware of this.

So for future reference.

Kmymoney2
Kanotix (I'd assume Debain systems in general?)

Edit /etc/profile and set the umask from 022 to 002.

Thanks for the help!

Dark_Helmet 04-09-2005 12:54 PM

@blue penguin

Just wanted to elaborate a little on the setgid bit. The behavior I described only applies to directories with that bit set. It has a different meaning when applied to files. When setgid is used on an executable file, it alters the way the program is executed. Specifically, the process starts by belonging to the group owner of the file as opposed to the group the user that started the program belongs to. I believe setgid is ignored by regular (non-executable) files.

There is also a similar setuid bit. For executable with this bit set, the process runs as the owner of the file instead of the user that actually launched it. Again, I think it's ignored by non-executable files and directories.

Lastly there's a "sticky" bit. When the sticky bit is set on a directory, only the owner of the file can delete their files (even if the group has write permissions). This is what's used for the /tmp directory. Everybody can create/delete files in /tmp, but a user only delete files that user owns. The sticky bit is ignored for files.

To modify these permissions, add a leading digit to the chmod command. Setuid corresponds to "read" (4), setgid corresponds to "write" (2), and the sticky bit corresponds to "execute" (1).

sporks 04-19-2005 09:13 PM

Allright, gotta revisit this issue. :roll:

I upgraded my Kanotix and now my "fixes" won't work.

Any ideas?

sporks 04-20-2005 08:37 PM

Ha! Nevermind. :o

You have to make the primary group the users are members of the group that has permissions on this file.


All times are GMT -5. The time now is 08:51 AM.