On Tuesday 16 October 2007, Alan McKinnon wrote: > On Tuesday 16 October 2007, Mick wrote: > > Hi All, > > > > This is a simple question but I'm getting tired and can't think > > straight with this permissions problem: > > > > I am trying to create a directory within which two users will be able > > to save and delete documents. This directory is only meant to be > > accessible/readable by these two users. > > > > I created directory TEST, under /var/www/html. This contains > > subdirectories TEST1, TEST2, TEST3. Each subdirectory contains other > > files. I set the permissions recursively to apache:ftp. Both users > > are members of group ftp. I chmod -R g+w. > > > > When I create a new subdirectory and save a file in it I noticed that > > it is mick:wheel instead of mick:ftp. How do I set it up so that > > newly created directories/files inherit the parent group ownership? > > You want the setgid bit on for the directory. This causes all new files > and directories in it to be owned by the same group that owns the > top-most directory: > > chmod g+s TEST > > This won't change permissions on existing directories though, and you > can't use chmod -R (that will sgid the files as well), so use find like > so: > > find TEST -type d -exec chmod g+s {} \; > > You will also need to enable group write permission on these directories > so that your users can delete stuff. Two ways: > > 1. Make sure both users use a umask like 775 (this is fragile as the > user can change their umask any time they want) > 2. Use an ACL on the directory. 'man setfacl' for more details
Thank you both! sgid is what I was after. The users are trusted (the server owner and myself) so that'll do for now. I will also check acl, in case the need arises in the future for control of a finer granularity. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.