LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-18-2009, 05:32 AM   #1
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233Reputation: 233Reputation: 233
permissions and acl


Hi folks,

I wonder if its possible with permissions or acl to automaticaly grant permission on new created files and directory for a certain user. The call for umask just does not fit and I could not find anything like this in the setfacl man page.
Heres the ruff setup I have and what I want to achieve:

Code:
:/$ getfacl /var/www
getfacl: Removing leading '/' from absolute path names
# file: var/www
# owner: root
# group: root
user::rwx
user:ase:rwx
group::r-x
mask::rwx
other::r-x
So the user ase is allowed to do everything in /var/www. Now assume another user creates a directory in /var/www. As long as he does not create any files within it ase can delete this directory. But as soon as the other user creates a file within this newly created directory ase is not allowed to delete the directory

Code:
:/var/www$ rm ./somestrange/
rm: cannot remove `./somestrange/': Is a directory
:/var/www$ rm ./somestrange/ -r
rm: descend into write-protected directory `./somestrange/'? y
rm: remove write-protected regular empty file `./somestrange/all'? y
rm: cannot remove `./somestrange/all': Permission denied
So is there anyway to automagicly have ase granted the right permissions?

The only thing I can come up with is to have all the user in the same group and set umask to 002 but this does not realy suit me.

Best Regards
Zhjim
 
Old 11-18-2009, 06:34 AM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
Set the file acl and the default acl on the containing directory.

setfacl -m d:u:<username>:perms <directory>
setfacl -m u:<username>:perms <directory>

Files and directories created inside will inherit the acls.
 
Old 11-18-2009, 08:02 AM   #3
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748

Original Poster
Blog Entries: 11

Rep: Reputation: 233Reputation: 233Reputation: 233
Thanks for the input. I totaly missed out on the default option.

Just for completness and after reading the man page again I stumbled upon the -d option which is just a nother way of using d:.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Default ACL and permissions inheritance mikemrh9 Linux - Security 5 07-05-2016 07:19 AM
ACl access permissions pramka SUSE / openSUSE 2 04-17-2008 01:24 PM
Where are ACL permissions saved? armandino Linux - Security 6 07-06-2007 12:46 AM
acl permissions linuxtesting2 Linux - General 0 10-25-2004 03:18 PM
default files and folder acl permissions Baltasar Fedora 4 08-30-2004 01:50 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration