Trouble setting up User Private Group(UPG) in RHEL5
Hello,
I am trying to setup a UPG as explained on this page, http://www.centos.org/docs/2/rhl-rg-...te-groups.html Lets say that I have a folder called "html", a group called "coders", and 2 users named "user1" and "user2." Heres what I did. I setup the coders group, and added user1 and user2 to that group. When I check the group file I see the following for coders group, <coders:x:501:user1,user2> Next I changed all files and folders under the html folder to have the owner of root, the group of coders, and the permissions with the GID sticky bit set, <chown -R root.coders html> <chmod -R 2775 html> Now, if I open up an FTP program like winscp and create a file under the html folder with user1, the permissions on the file are this, <-rw-rw-r-- 1 user1 coders 5 Jun 24 15:45 test.php> The sticky bit is gone, and user2 cannot overwrite this file or delete it. I want to set it up so that every user in the "coders" group will have full permissions to all folders and files under the "html" folder. What am I doing wrong? Thanks in advance for any help. Metropolis |
Welcome to LQ, hope you like it here.
Quote:
|
Hi unSpawn, thank you for the reply.
So are you saying that I need to install ACL in order to fix this problem? Or is there another way? I dont really know alot about the different linux file systems and I dont know anything about this ACL either. Metropolis |
I'm saying that UPG, novel as it may have been at the time, has its uses. Given how managing groups can get unwieldy I suggested ACLs as that's what most of these types of questions (should) end up with. That you know nothing of "different linux file systems" or ACL can be easily repaired by reading the documentation and examples there and search LQ for threads on ACL. I hope you will conclude it is versatile and easy to set up, use and manage.
|
Hi unSpawn,
I was reading http://oss.sgi.com/projects/xfs/ and read this, POSIX Access Control Lists (ACLs) XFS supports the ACL semantics and interfaces described in the draft POSIX 1003.1e standard. What im wondering is, if I install the XFS filesystem, will that take care of this ACL problem also? The current kernal im running is 2.6.18-128.1.14.el5xen, and the df -T command gives me this for my filesystem, Filesystem Type 1K-blocks Used Available Use% Mounted on /dev/mapper/VolGroup00-LogVol00 ext3 111477424 4243260 101480104 5% / /dev/sda1 ext3 101086 28122 67745 30% /boot tmpfs tmpfs 905552 0 905552 0% /dev/shm none tmpfs 905464 104 905360 1% /var/lib/xenstored Im not spectacular with linux so im sorry if im not understanding how to do this. Thanks again for all your help. Metropolis |
Ok I think I have figured out my problem. Since im not "spectacular" with linux, I did not really know what ACL is, and I did not know that it is already built into the system. Now that I have figured that out I should be able to find the answers I needed. Thanks again for all your help unSpawn. I will post again later if I still have more questions.
Metropolis |
Still not working
Im using ACL now and im running into the same problems. It seems like no matter what permissions I put on a file or folder for the group, it only allows me to alter the file if it is the owner altering it.
Heres what im doing. I put a default ACL on the html folder like this, Code:
setfacl -R -d -m g:coders:rwx html Code:
getfacl html Code:
setfacl -R -m g:coders:rwx html Metropolis |
Nobody can help me on this? Seems like it should be an easy fix.....
|
Maybe it's something with how WinSCP handles things? Does it test OK when using local user accounts?
|
Hmmm Interesting......
It seems as though it is uploading fine in filezilla. So maybe the problem is WinSCP.....I just did not think that there would be any difference between the two. Here is the error that WinSCP gives me.
Code:
Permission denied. |
Something else
Actually, I now realized that WinSCP is actually uploading it fine....Im just getting an error about the permissions, and im having to hit the abort key. Strange.....Maybe FileZilla just knows that this does not matter because it knows the permissions are correct due to the ACL.
|
Would be interesting to run this by the WinSCP people I think.
|
Thanks alot for your help unSpawn...You got me thinking about things that could possibly be the problem :), which helped out alot.
Metropolis |
NP, you're welcome. Do let us know if there's anything WinSCP-wise or if you want to troubleshoot this a bit more.
|
All times are GMT -5. The time now is 11:10 PM. |