I'm trying to create a shared folder on my root partition that anyone in a particular group can read and write to, and any new files within that folder are also read/writeable by anyone in that group no matter what. I've managed to create a folder whereby new users can write to it, but any new files are read-only to the group.
Steps I've taken:
mkdir /storage
chown -R root:storage-public /storage
chmod -R 2775 /storage
touch test.txt
But these are the permissions I'm getting from my test file:
-rw-r--r-- 1 root storage-public 13 Oct 12 21:59 test.txt
Can anyone help?
Offline
Not a Sysadmin issue, moving to NC...
Offline
You could use Access Control Lists.
In particular,
setfacl -m group:storage-public:rwx /storage
setfacl -d -m group:storage-public:rwx /storage
Otherwise, setting the umask to 002 would be an idea, but I don't know if that's considered best practice (especially on Arch, where it seems to be common practice to put all users in the `users` group).
Offline
https://wiki.archlinux.org/index.php/Ac … trol_Lists
ayekat beat me to it.
Last edited by nixpunk (2015-10-12 21:41:08)
Offline
Thanks. I had tried ACLs, but wasn't quite achieving the desired effect; for instance, when extracting a tar archive as root it does not enforce the ACL rules; instead the POSIX permissions seem to override. When I extract a tar archive as a standard user the ACLs are still not enforced, but this time the folder is owned by the parent group.
As root
[root@hell-serv www]# getfacl owncloud
# file: owncloud
# owner: nobody
# group: nfsnobody
user::rwx
group::rwx #effective:r-x
group:storage-public:rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::rwx
default:group:storage-public:rwx
default:mask::rwx
default:other::r-x
As user
[dominic@hell-serv www]$ getfacl owncloud
# file: owncloud
# owner: dominic
# group: storage-public
# flags: -s-
user::rwx
group::rwx #effective:r-x
group:storage-public:rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::rwx
default:group:storage-public:rwx
default:mask::rwx
default:other::r-x
Essentially I want to force every new and existing file to be owned by storage-public and for that group to have read/write permission across the board. So far I've not been able to accomplish this - I've even set the default ACL mask to 0002 but that gets overridden as well.
Offline
Oh, I see that this only applies to files that are created inside the directory tree (e.g. vim, touch, mkdir, ...), but not to files that are moved/copied, as they usually preserve their permissions.
(`cp` can take an option `--no-preserve=all`, but I don't know to what extent you are willing to pass that option every time you copy something to the shared folder...)
Offline
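Added example, not code from any poster in this thread: a small Python model of the acl(5) rules for newly created files, showing why the first test file came out rw-r--r-- and why the getfacl output above has mask::r-x. It is a model, not a real filesystem call; the function names are hypothetical, and a mode of 0755 for the extracted directory is an assumption that is consistent with the getfacl output.

```python
# Model of how Linux picks permissions for a new file (per acl(5) / umask(2)).
# Nothing here touches the filesystem; all inputs are constructed samples.
R, W, X = 4, 2, 1

def rwx(bits):
    """Render three permission bits the way ls/getfacl do."""
    return "".join(c if bits & b else "-" for c, b in (("r", R), ("w", W), ("x", X)))

def new_file_acl(mode, umask=0o022, default_acl=None):
    """Access ACL of a new file as {entry: bits}.

    mode        -- mode the creating program requests (touch: 0666)
    default_acl -- parent directory's default ACL, or None if it has none
    """
    if default_acl is None:
        # No default ACL: the umask strips bits from the requested mode.
        m = mode & ~umask
        return {"user::": m >> 6 & 7, "group::": m >> 3 & 7, "other::": m & 7}
    # Default ACL present: the umask is ignored. Entries are inherited, then
    # user::, mask:: and other:: lose any bit missing from the requested mode.
    acl = dict(default_acl)
    acl["user::"] &= mode >> 6 & 7
    acl["mask::"] &= mode >> 3 & 7  # the mode's group bits land on the mask
    acl["other::"] &= mode & 7
    return acl

def effective(acl, entry):
    """Rights an entry really grants; all but user::/other:: are ANDed with mask."""
    bits = acl[entry]
    if entry not in ("user::", "other::", "mask::") and "mask::" in acl:
        bits &= acl["mask::"]
    return rwx(bits)

# Default ACL copied from the getfacl output in the thread.
DEFAULT = {"user::": 7, "group::": 7, "group:storage-public:": 7,
           "mask::": 7, "other::": 5}

if __name__ == "__main__":
    plain = new_file_acl(0o666)                      # setgid dir, no ACL, umask 022
    print("touch, no ACL  :", "".join(rwx(plain[k]) for k in plain))
    shared = new_file_acl(0o666, umask=0o002)        # same, umask 002
    print("touch, umask 2 :", "".join(rwx(shared[k]) for k in shared))
    made = new_file_acl(0o666, default_acl=DEFAULT)  # touch under default ACL
    print("touch, with ACL:", effective(made, "group:storage-public:"))
    kept = new_file_acl(0o755, default_acl=DEFAULT)  # assumed archived mode 0755
    print("mode 0755      :", "mask", rwx(kept["mask::"]),
          "-> group", effective(kept, "group:storage-public:"))
```

A later chmod to 0755 has the same effect on the mask as creating with 0755, which is why files that keep their original mode bits show #effective:r-x even though the named group entry says rwx.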