chmod - dir permission
Is there a way to set permission to dir, so that every file created in this dir can be overwritten by another user? User with different group.
|
[UPDATE]
The reason why I am asking is that I want to partition USB drive with EXT4 (Actually, I want to encrypt drive with LUKS and make ext4 file system inside). That however works good only when I am a root user. As soon as I switch to regular user it starts with permission issues. (even when I do chmod 1777 to the whole file system). As a workaround, I can use NTFS partition but I would rather keep to native Linux file systems. |
Have you tried setfacl command? https://wiki.archlinux.org/index.php..._Control_Lists
|
As giis suggested, you have to set the ACL on the mountpoint of your encrypted partition to allow an ordinary user to access it:
Code:
# setfacl -m "<username>:rw" <mountpoint> |
There are two different possibilities: 1. you want to edit/modify files, these depends on the permissions of those files, so the answer is no.
2. you want to remove/delete that file and create it again (as another user). It may only depend on the permission of the dir, obviously 777 on that dir will allow that. |
Quote:
|
For anyone interested, came across this good article on using ACLs to address this type of problem:
https://www.2daygeek.com/how-to-conf...getfacl-linux/ |
Hi, thanks for replies. I tried setfacl but it didnt really work as expected.
Code:
$ sudo setfacl -m "user1:rw" /mnt/x |
Can you share the output of getfacl on the directory? Does it show newly added permission?
|
Without execute permission, all you can do is list the names in the directory. You can't use the directory to access the file's inode or data blocks, so ls can't get any information about the file.
|
I have added "execute" to that dir.
Code:
$ sudo getfacl /mnt/x Now: 1. my user can edit files belonging to "root" 2. if my user create file, only him or users on other system with this same uid and gid can edit this file. 3. if USB drive mounted on another system where mount point has no acl set up, and the user has different uid and gid than the one I use on my system, none of files are editable. Moreover it creates files in read only mode (for himself). Code:
$ ls -al /mnt/x/ |
you are mixing now the permission settings of mount (and directories). That is a different issue, and in your case it looks like it is more restrictive. Using different filesystem(s) like NTFS will not auto-magically solve this issue, although it may have different defaults as the currently used filesystem.
File creation is ruled by umask (which is a third issue). |
You have to set the ACL while the USB filesystem is mounted. The root inode of the mounted filesystem covers up the the mount point directory, so anything you set on that mount point directory is irrelevant.
If the numeric UIDs are not the same on all the systems, you have to add an ACL for each numeric ID. Life is a lot easier if you keep the UIDs in sync. You can also add a "default" ACL to the mounted directory, and those access permissions will be inherited by any newly created files. |
Hi guys, many thanks for your replies.
Mount point on my system is /mnt/x Obviously on any other systems it will be whatever else AND I have no root access there. Also users (uid/gid) will be different too. By executing $ sudo setfacl -m "user1:rwx" /mnt/x , I understand Im setting ACL to the root of my USB driver (while its mounted). I have already tested with NTFS - in that case any user can modify/delete any files with no matter of its permissions. And that is my goal (although I would prefer to have native Linux fs). |
As root:
Mount your device on /mnt/x Remove all ACLs with Code:
setfacl -b /mnt/x Code:
chmod 777 /mnt/x Code:
setfacl -m default:user::rwx /mnt/x Code:
getfacl /mnt/x |
All times are GMT -5. The time now is 11:38 PM. |