Results 1 to 4 of 4
Thread: User permissions
|
Enjoy an ad free experience by logging in. Not a member yet? Register.
|
|
-
02-01-2010 #1
- Join Date
- Feb 2010
- Posts
- 2
User permissions
I'll try to sum this up as concise as I can.
I have 2 Groups, called "group-1", and "group-2"
I have 2 Users, called "user-1", and "user-2"
user-1 is a member of group-1
user-2 is a member of group-2
I've created a directory called "group-1-sandbox" and "group-2-sandbox"
The permissions for both directories are
drxwrxw--- group-1 group-1 ./group-1-sandbox
drxwrxw--- group-2 group-2 ./group-2-sandbox
Okay,
so any member of group-1 can R/W/X in group-1-sandbox (ie. user-1)
so any member of group-2 can R/W/X in group-2-sandbox (ie. user-2)
user-1 trying to get to group-2-sandbox will fail due to access restrictions.
So far so good...question nearly here!...
Now, if user-1 creates a new file in group-1-sandbox, the default permissions will be
"rw-rw-r--", the "everyone" gets read perrmissions, so to fix this, I've got the following in the startup for the users
umask 0007
Now, when I create, I get "-rw-rw----", this is great as I do not want "everyone" to get ANY access.
Okay, now my question!
The owner and group owner from a newly created file for user-1 is
-rw-rw---- 1 user-1 user-1 0 2010-02-01 14:06 kam
I would like it to be
-rw-rw---- 1 user-1 group-1 0 2010-02-01 14:06 kam
I want the parent group to be used and not the user's...
Can this be done?
Thanks!
~Kam (^8*
-
02-01-2010 #2
well the easiest way is to change the users default group:
Code:usermod -G group1 user1
-
02-01-2010 #3
- Join Date
- Feb 2010
- Posts
- 2
looking at the command, it looks like it's for setting and forgetting the group membership, I would like to adjust the "default" membership upon login for that user.
How can I change this value for just the current "login" for that user?
Thanks!
~Kam
-
02-01-2010 #4
actually i meant -g not -G which is basically the same as --gid. assigning temporary group permission the way I think you are talking about just really isn't feasible or at least to me it sounds like an administrative nightmare even if does exist.