Re: Full Group Perm/Own in a Directory

From: Lew Pitcher (Lew.Pitcher_at_td.com)
Date: 12/11/03 

Date: Thu, 11 Dec 2003 13:41:07 GMT

On Thu, 11 Dec 2003 07:58:53 GMT, Alan Connor <zzzzzz@xxx.yyy> wrote:

>
>I have this partition/directory tree on my Linux box that I would like all
>members of the group "doc" to be able to read and write to at will.
>
>The problem is that when one user creates a file there, it is owned by
>him/her and no one else can read or write to it.
>
>At present I'm using root's crontab to change the permissions and ownership
>on a regular basis, but this seems pretty mickey mouse and if a user
>has bad timing, he-she STILL runs into problems.
>
>Is there anyway to have any writes to that directory automatically belong
>to the group "doc" with rw permissions?

Alan,

Change the permissions on the directory to include the "SETGID" bit

  chmod g+s /public/directory

>From the Linux stat(2) manpage...

       The set GID bit (S_ISGID) has several special uses: For a
       directory it indicates that BSD semantics is to be used
       for that directory: files created there inherit their
       group ID from the directory, not from the effective gid of
       the creating process, and directories created there will
       also get the S_ISGID bit set. For a file that does not
       have the group execution bit (S_IXGRP) set, it indicates
       mandatory file/record locking.

With the SETGID bit set on the directory, all files subsequently created in that
directory should inheret their groupid from the directory, rather than from the
user that created them. 

-- 
Lew Pitcher
IT Consultant, Enterprise Technology Solutions
Toronto Dominion Bank Financial Group
(Opinions expressed are my own, not my employers')

Relevant Pages

  • Full Group Perm/Own in a Directory
    ... I have this partition/directory tree on my Linux box that I would like all ... members of the group "doc" to be able to read and write to at will. ... At present I'm using root's crontab to change the permissions and ownership ...
    (comp.unix.questions)
  • [UNIX] Linux Kernel Setgid Implementation Flaw
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... the setgid system call does not behave ... - Setgid-only programs cannot fully drop privileges. ... that most Linux setid programs seems to do not care too much about it. ...
    (Securiteam)
  • Re: Thinking outside the box on file systems
    ... multiple mailing lists now and I've had enough. ... *cannot* allow the entity who specifies permissions check semantics on ... In the Linux world there are two ways to proceed: ... difficulty winning people over that security modules that do depend on ...
    (Linux-Kernel)
  • SUMMARY-taring between solaris and linux
    ... Florendo, Jay Jay ... Matthew (Thanks for your precios time to write a very good notes on this ... I have a two machine One is sun and other is linux. ... Permissions, block size... ...
    (SunManagers)
  • Re: whats next for the linux kernel?
    ... >>only the Unix community doesn't get it. ... If the permissions were don'e right in your own directories your ... inherited rights mask - something Linux lacks. ... Linux will evolve to where Netware was in 1990. ...
    (Linux-Kernel)