[Eug-lug] sticky group?

Ben Barrett stircrazyben at gmail.com
Thu Nov 16 00:00:46 PST 2006 

With that quality of response in our list archives, I expect Neil to be
courted by the big-corp linux players any day now!  Nicely written.

    Ben


On 11/15/06, Neil Parker <nparker at llx.com> wrote:
>
> Rob Hudson wrote,
> >How do I set up a directory so that any new files created in its
> >subdirectories maintain the group and group write permissions?
> >
> >For example:  There's a shared folder on a server and a group of users
> >create and edit files in that folder.  We want those new files to be
> >editable by all users in the same group.  By default, new files are
> >created with the user's default user and group making them non-editable
> >by others in the group.
>
> Make sure the directory is owned by the desired group, and then turn on
> its
> set-group-id bit:
>
>      chgrp groupname dirname
>      chmod g+s dirname
>
> Henceforth, any new files created in that directory will be owned by the
> group that owns the directory.  Additionally, any new subdirectories you
> create in that directory will also have their set-group-id bits turned on
> automatically, so it works recursively.
>
> Of course you'll need to make sure the directory is fully accessible by
> its group ("chmod g+sa dirname").
>
> This makes sure files in the directory are owned by the right group, but
> it doesn't ensure that the permissions will be right.  You'll have to
> admonish your users to be careful about setting the right permissions..if
> the use a umask whose middle digit is 0 (e.g. "umask 007"), they'll
> automatically create files that are group readable and writeable.
>
> If you have persistant problems with users not leaving their files group
> readable and writable, you might want to consider a crontab entry that
> periodically sets the appropriate permissions, for example,
>
>      chmod -R g+u /path/to/dirname
>
>
>
> On Linux, the set-group-id bit on directories works on every filesystem
> that supports Unix-style file permissions.  It doesn't work on filesystems
> like (V)FAT that don't understand Unix file permissions.
>
> If you're using ext2 or ext3, this behavior can be altered with mount
> options.  In the default state, or if you mount the filesystem with the
> "nogrpid" or "sysvgroups" option, it works as described above.  If you
> mount the filesystem with the "grpid" or "bsdgroups" option, the
> filesystem behaves as if all directories had their set-group-id bits
> permanently turned on.
>
>               - Neil Parker
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://euglug.org/pipermail/euglug/attachments/20061116/cce86b8b/attac=
hment-0001.htm

More information about the EUGLUG mailing list