How to setup file permissions for multiple groups/users that use Windows AND Linux
So, Ive been pounding my head on some File permissions in linux the last couple of days. I've found a solution that works and thought I'd share with everyone.
Ok so, heres my situation: I have a remote directory shared over NFS called tech with perms set as 0750 and owner set to root:tech. I have 2 groups: tech, and techAdmin. tech can read and execute within tech/. techAdmin can read, write, execute. I have 4 users: user1, user2, user3, user4. user1 and user2 is a member of techAdmin, user3 and user4 are members of tech. simple so far...but wait here's the problem. If user1 creates a file inside tech, user2 cant read or modify it because user1 owns it. Here's a few sites that reference this problem: http://linux.derkeiler.com/Mailing-L...5-07/2616.html http://forums13.itrc.hp.com/service/...readId=1147220 http://old.nabble.com/ACLs,-umask-an...d27820947.html http://lists.freebsd.org/pipermail/f...ch/213589.html http://www.linuxquestions.org/questi...-group-755766/ http://ubuntuforums.org/showthread.php?t=141078 http://lists.bostoncoop.net/pipermai...ay/000443.html http://www.linuxforums.org/forum/new...ns-system.html Trying to fix this problem i found literally HUNDREDS of these thread and this same question posted EVERYWHERE. And every answer was the same....you do it with umask. by changing EVERYONES umask in /etc/profile to 027 and create a cronjob that fixes all permissions to 0750 every minute. Changing a umask to 027 can be a dangerous thing and I would NOT recommend doing this...and seriously!?! making a crontab entry that recursively changes the perms to 0750 every 5 minutes on a multi terabyte file server This is BS. I aint doing that... Here's how to do it. Code:
#mkdir tech Code:
# linux-host># getfacl tech Code:
[tech] I know theres room for improvement on this, and if anyone has a solution that worked for them, please share it for future googlers! Rich |
Thank you.
|
Yup! if you found this helpful, dont forget to click rep :)
Rich |
thats reall sweet assas trouble with me is i forget what im doing real quick,i think ill have to have a blood transfusion sorta clean my dead cells away!
|
It can also be done in KDE (gnome too?) in suse, if you right click on the folder > permissions > advanced permissions and add your groups and custom permissions there. Not so bad...
Rich |
All times are GMT -5. The time now is 10:48 AM. |