[SOLVED] Permissions for a Directory depending on what group (GID) user is in

caiphn · 05-26-2012, 01:36 PM

Hi I'm running: Linux version 2.6.16.60-0.59.1-smp (gcc version 4.1.2 20070115 (SUSE Linux)) #1 SMP

Not sure if that's relevant or not. Sorry for the eye roller, but I've done some googling and it seems like I want the 'chmod' command, but I can't figure out exactly what I need to do.

I have two user groups, 4100 and 4200.

I want 4100 to have read/write/execute/delete access to a particular directory, and I want 4200 to only have read access to a directory. I've been fighting this for a couple of hours, I'd appreciate some direction.

Ser Olmy · 05-26-2012, 01:50 PM

A directory in Unix can only be owned by one group. If the directory is owned by 4100, you can give that group r/w/x permissions, but members of 4200 would then have the same rights as every other non-member of 4100.

The above is true for the standard Unix permission model, and it cannot handle a scenario like the one you presented. What you probably want, is a filesystem feature called Access Control Lists (ACLs). man mount and man fstab will tell you how to enable ACLs on your filesystem, and man setfacl will tell you how to create and manipulate ACLs.

pan64 · 05-26-2012, 01:50 PM

it looks easy. Just set the group id 4100 to that particular directory, and set full permission to the group and set read permission to others.

caiphn · 05-26-2012, 01:54 PM

Ser Olmy: Thank-you for the response, the second response I got seems to be the more quick and dirty approach that I'm looking for here.

Quote:

Originally Posted by pan64

it looks easy. Just set the group id 4100 to that particular directory, and set full permission to the group and set read permission to others.

How do I go about doing that?

pan64 · 05-26-2012, 02:04 PM

you need to use chmod to change/set permissions and chgrp to change group

_____________________________________
If someone helps you, or you approve of what's posted, click the "Add to Reputation" button, on the left of the post.
Happy with solution ... mark as SOLVED
(located in the "thread tools")

caiphn · 05-26-2012, 02:09 PM

[QUOTE=pan64;4688267]you need to use chmod to change/set permissions and chgrp to change group

OK. When I go through chmod manual pages, I'm not sure exactly what I'm looking for to accomplish this. I understand this is some serious hand holding, but how exactly do I do this? The directory is already the appropriate group.

caiphn · 05-26-2012, 02:17 PM

would it be 'chmod o+r-wx directoryname'?

pan64 · 05-26-2012, 02:20 PM

you can test it easily I think, as you described it should be ok.

_____________________________________
If someone helps you, or you approve of what's posted, click the "Add to Reputation" button, on the left of the post.
Happy with solution ... mark as SOLVED
(located in the "thread tools")

lithos · 05-26-2012, 04:22 PM

Hi caiphn,

for me it was easier to remember the "chmod" values by numbers (octal mode) than letters,
so it goes:

Code:

chmod ugo filename/directory_name

ugo - meaning
User Group Others

and the values for:
r(ead) - 4
w(rite) - 6
e(x)ecute - 5

all enabled - 7

which would then be used in your case like:

Code:

chmod 775 directoryname

775 meaning:
7- read/write/execute - Owner
7- r/w/x - Group
5- eXecute - others (meaning can read the directory)

caiphn · 05-26-2012, 04:29 PM

Excellent! Thank-you so much for clearing that up for me, lithos!

Quote:

Originally Posted by lithos

Hi caiphn,

for me it was easier to remember the "chmod" values by numbers (octal mode) than letters,
so it goes:

Code:

chmod ugo filename/directory_name

ugo - meaning
User Group Others

and the values for:
r(ead) - 4
w(rite) - 6
e(x)ecute - 5

all enabled - 7

which would then be used in your case like:

Code:

chmod 775 directoryname

775 meaning:
7- read/write/execute - Owner
7- r/w/x - Group
5- eXecute - others (meaning can read the directory)

lithos · 05-26-2012, 05:05 PM

No problem,

that's how I remembered,

here is more detailed explanation of permissions in linux.

You will master it.