On 25.03.2010 09:50, Alan McKinnon wrote:
> On Thursday 25 March 2010 10:26:25 Hinko Kocevar wrote:
>> Hi,
>>
>> Where is it defined what permissions a newly created folder/file
>> will have by default?
> 
> This is done by the umask of the user creating the folder.
> 
> 
>>
>> Eg. When creating a folder I would like it to have permissions right
>> after it is created, to avoid use of chmod/chown afterwards:
>>
>> drwxrwxr-x 2 hinko users    4096 Mar 25 09:23 folder1
>>
>> while now I get only:
>> drwxr-xr-x 2 hinko users    4096 Mar 25 09:23 folder1
>>
>> That is group should have 'w' set.
> 
> 
> This is a common misunderstanding about permissions and the Unix philosophy 
> about them, which is:
> 
> It's up to the user, not the system, to say what permissions he wants on new 
> filesystem objects.
> 
> Modifying the user's umask is not advised, as this is global. *Every* new file 
> or dir then ends up with g+w and you probably don't want that.
> 
> You need to use Posix ACLs for this, and your file system and kernel must 
> support them; you configure it per directory. It's all in man pages and on 
> google - better start reading.
> 
> Be warned though: you *will* forget you set this, and *will* wonder in future 
> why g+w is set in various places. "ls" gives precious little clue that an ACL 
> is in place.
> 
> I find that in real life, a "find -exec chmod" in a cron is a better solution
> 

To avoid ACLs and still have group rw rights on some folders for
specific groups, you can make use of the 'user private group' scheme and
the setgid bit: [1].

Gentoo uses this scheme by default, although I think the umask setting
is different (has to be 002 or 007).

What Alan forgot to mention is where to set the umask: /etc/profile. Don't
use too strict settings because these are also applied to system
accounts. This can easily break your system.

[1]
http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/ref-guide/s1-users-groups-private-groups.html

Hope this helps,
Florian Philipp
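
Added example, not part of the original message: a shell sketch of how the umask and the setgid bit discussed in this thread determine the mode of newly created directories and files. The function names and the throwaway mktemp directory are assumptions made for this illustration, and the setgid inheritance shown is Linux behaviour.

```sh
#!/bin/sh
# Constructed demo: everything happens in a throwaway mktemp directory.

# mode_of PATH -> 10-character mode string such as drwxrwxr-x
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# new_dir_mode UMASK PARENT NAME
# Create PARENT/NAME with the given umask and print the resulting mode.
# The subshell keeps the umask change from leaking into the caller.
new_dir_mode() {
    ( umask "$1" && mkdir "$2/$3" && mode_of "$2/$3" )
}

# new_file_mode UMASK PARENT NAME: same for a regular file.
new_file_mode() {
    ( umask "$1" && : > "$2/$3" && mode_of "$2/$3" )
}

demo() {
    base=$(mktemp -d) || return 1
    echo "umask 022, plain dir:  $(new_dir_mode 022 "$base" d022)"
    echo "umask 002, plain dir:  $(new_dir_mode 002 "$base" d002)"
    # Shared directory: group-writable plus setgid, so new entries take
    # the directory's group and new subdirectories keep the setgid bit
    # (Linux behaviour).
    mkdir "$base/shared" && chmod 2775 "$base/shared"
    echo "umask 002, in setgid:  $(new_dir_mode 002 "$base/shared" sub)"
    echo "umask 002, new file:   $(new_file_mode 002 "$base/shared" notes)"
    rm -rf "$base"
}

demo
```

On a real shared directory you would also chgrp it to the project group; the demo skips that step because it needs a second group to exist.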
