On Tuesday 16 October 2007, Alan McKinnon wrote:
> On Tuesday 16 October 2007, Mick wrote:
> > Hi All,
> >
> > This is a simple question but I'm getting tired and can't think
> > straight with this permissions problem:
> >
> > I am trying to create a directory within which two users will be able
> > to save and delete documents. This directory is only meant to be
> > accessible/readable by these two users.
> >
> > I created directory TEST, under /var/www/html. This contains
> > subdirectories TEST1, TEST2, TEST3. Each subdirectory contains other
> > files. I set the permissions recursively to apache:ftp. Both users
> > are members of group ftp. I chmod -R g+w.
> >
> > When I create a new subdirectory and save a file in it I noticed that
> > it is mick:wheel instead of mick:ftp. How do I set it up so that
> > newly created directories/files inherit the parent group ownership?
>
> You want the setgid bit on for the directory. This causes all new files
> and directories in it to be owned by the same group that owns the
> top-most directory:
>
> chmod g+s TEST
>
> This won't change permissions on existing directories though, and you
> can't use chmod -R (that will sgid the files as well), so use find like
> so:
>
> find TEST -type d -exec chmod g+s {} \;
>
> You will also need to enable group write permission on these directories
> so that your users can delete stuff. Two ways:
>
> 1. Make sure both users use a umask like 775 (this is fragile as the
> user can change their umask any time they want)
> 2. Use an ACL on the directory. 'man setfacl' for more details

Thank you both! sgid is what I was after. The users are trusted (the server
owner and myself) so that'll do for now. I will also check acl, in case the
need arises in the future for control of a finer granularity.
-- 
Regards,
Mick
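Added example, not written by either poster: the setup discussed in this thread as a script that applies setgid to directories only, then creates a new subdirectory under two umasks to show that the setgid bit is inherited either way while group write only survives under umask 002. The scratch directory, the function names and the use of the caller's primary group in place of "ftp" are assumptions made for the demo.

```shell
#!/bin/sh
# Added example. TEST/TEST1..3 mirror the thread; the scratch path and the
# default group (caller's primary group instead of "ftp") are assumptions.
# Pass a secondary group you belong to as $1 to see it override your primary one.

# share_tree DIR GROUP: group-own the tree, setgid on directories only.
share_tree() {
    chgrp -R "$2" "$1"
    # Directories: group rwx + setgid, so new entries inherit the group.
    find "$1" -type d -exec chmod g+rwxs {} +
    # Files: group rw and explicitly no setgid (what chmod -R g+s would get wrong).
    find "$1" -type f -exec chmod g+rw,g-s {} +
}

# gid_of PATH: numeric group id of PATH.
gid_of() { ls -dn "$1" | awk '{print $4}'; }

# new_entry_report DIR MASK: create a subdirectory and a file in DIR under
# umask MASK, then print "group=<same|differs> setgid=<yes|no> groupwrite=<yes|no>".
# The body runs in a subshell so the umask change does not leak to the caller.
new_entry_report() (
    umask "$2"
    sub="$1/new_$2"
    mkdir "$sub" && : > "$sub/doc.txt" || exit 1
    [ "$(gid_of "$sub/doc.txt")" = "$(gid_of "$1")" ] && g=same || g=differs
    [ -g "$sub" ] && s=yes || s=no
    [ -n "$(find "$sub" -prune -perm -020)" ] && w=yes || w=no
    echo "group=$g setgid=$s groupwrite=$w"
)

demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/TEST/TEST1" "$root/TEST/TEST2" "$root/TEST/TEST3"
    : > "$root/TEST/TEST1/existing.txt"
    share_tree "$root/TEST" "${1:-$(id -g)}"
    echo "umask 022: $(new_entry_report "$root/TEST/TEST1" 022)"
    echo "umask 002: $(new_entry_report "$root/TEST/TEST1" 002)"
    rm -rf "$root"
}
demo "$@"
```
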

