trouble with SGID on a shareable folder
 

I'm running slackware 13.0. I've created a folder called "slackware"
that I'm trying to make shareable shareable by everyone in the group
called "packager".

I added myself and root to the group "packager":
usermod -G packager root
usermod -G packager chytraeus


If i set the permissions to 2777 i can create a file just fine:

root@leo:~# chmod -R 2777 /home/slackware
chytraeus@leo:~$ touch /home/slackware/test_file

But, if i set the permissions to 2770 i cannot create a file:

root@leo:~# chmod -R 2770 /home/slackware
chytraeus@leo:~$ touch /home/slackware/test_file
touch: cannot touch `/home/slackware/test_file': Permission denied

I noticed that if I type:

chytraeus@leo:~$ id -nG chytraeus

I see this:
users packager

But, if type:
chytraeus@leo:~$ id -nG

I see:
users lp wheel floppy audio video cdrom plugdev power netdev scanner

Here is the output on the directory permissions:
chytraeus@leo:~$ ls -ld /home/slackware/
drwxrws--- 4 nobody packager 4096 2010-01-25 20:53 /home/slackware//

Someone able to help?

Did you add yourself to packagers with 'gpasswd -a chytraeus packager', or did you edit /etc/group manually? Also, what does 'whoami' print?

Thanks for responding, Elemecca.

I added myself to packagers with usermod -G packager chytraeus.

chytraeus@leo:~$ whoami
chytraeus

So you did. I notice now that you said so in your original post.

'usermod -G' sets, not appends to, your supplementary group list. The command 'usermod -G packager chytraeus' made packager your only supplementary group. To append to the list you need to use '-Ga' instead of '-G'. In order to restore root's and your proper group memberships, run the following commands. '<groups>' will need to be replaced with root's proper group list, see below.
You got different results from the two calls to id because 'id -Gn' queries your effective group membership whereas 'id -Gn chytraeus' queries your membership in /etc/group. Your group membership is only refreshed from /etc/group when you log in, so your effective membership was what it had been before reconfiguration. If you have a root shell that's been logged in since before the reconfiguration you can recover root's proper group membership by querying its effective group list. If you don't, tell me and I'll fire up my Slack13 VM and look it up for you.

Once you log in again your effective group membership will match that in /etc/group and your permissions problem should go away. Remember not to exit your current shell before you restore your proper group list or you may not have the permissions required to do so.

Okay, slackware's usermod lacks the -a option.

Querying root's groups shows the following:

not sure if the results from id are as they should be - don't know what groups root should belong to.

If your usermod lacks '-Ga' you should use 'gpasswd -a <user> <group>' instead. This is probably a better way than 'usermod -Ga' anyway, as gpasswd is the tool used for most group maintenance.

On my Gentoo system root has group membership 'root bin daemon sys adm disk wheel floppy dialout tape video'. This is probably wrong for your Slack13 system, just showing that root usually belongs to more groups than just 'root'. Give me a minute and I'll boot up my Slack13 VM and post root's default group membership for you.

Okay, on Slack13 root's proper group membership is 'root bin daemon sys adm disk wheel floppy audio video cdrom tape plugdev power netdev scanner'.

So the command to restore it (with the new group) is 'usermod -G root,bin,daemon,sys,adm,disk,wheel,floppy,audio,video,cdrom,tape,plugdev,power,netdev,scanner,packag er root'.

EDIT: Apparently there's something wrong with the forum software. I'm seeing a space before the 'er' in 'packager' in the post but not in the edit box. The space shouldn't be there.

Alright, users are with their correct groups and I can now write to /home/slackware.

Thank you very much.