Find the answer to your Linux question:
Results 1 to 6 of 6
Hello all, I am new to the linux world and have a question about permission. I will appreciate all the help. My question is i have sftp server set up ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Sep 2011
    Posts
    7

    new to linux permission question please help


    Hello all,

    I am new to the linux world and have a question about permission. I will appreciate all the help.

    My question is i have sftp server set up at work.

    Lets say i have a directory /home/sftp/sys

    In the sys directory there are sub directories sys1 and sys2 with many files in them.

    drwxrwx---+ 4 sys operator 4096 Oct 11 2010 sys
    drwxrwx---+ 2 sys operator 16384 Sep 6 17:35 sys1

    now the files that gets dropped in sys1 folder by sys user gets permission

    rw------- 1 sys sys 13110 Aug 29 14:36 test.txt

    I want that whoever drops files in the sys1 folder inherit permission of the parent folder? is this possible in linux?

    Thank you

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,393
    The default settings for a specific user can be set with umask. Set the appropriate mask in the sys user's login profile. FWIW, file and directory permissions are different entities, even though they use the same bit patterns. So, you would not want a file to have the same permissions as the directory they are uploaded into.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Just Joined!
    Join Date
    Jul 2011
    Posts
    7

    SGID on the Directory

    You might also consider adding SGID (set group id) on those directories. By doing that, any new file or directory created within those directories will automatically inherit the group owner of the parent. Either root or the user sys could run:
    chmod g+s sys ... or ... chmod 2770 sys
    chmod g+s sys1 ... or ... chmod 2770 sys1

    The resulting permissions would then look something like:
    drwxrws---+ 4 sys operator 4096 Oct 11 2010 sys
    drwxrws---+ 2 sys operator 16384 Sep 6 17:35 sys1

    And a new file created in one of these directories would look like:
    rw------- 1 sys operator 13110 Aug 29 14:36 test.txt

    Since "operator" is the group owner of the parent directory, "operator" becomes the group owner of any new file or directory created within it. This really isn't too useful unless you also change the umask settings for the user's in the operator group -- like Rubberman said. You might consider a umask of 0002, which would mean new files would have initial permissions of -rw-rw-r-- and new directories would have initial permissions of drwxrwxr-x.

    A couple more things... Because members of the operator group have write permission on both directories, they will be able to force changes or force delete files in those directories even though they may not have write permission on individual files within those directories. Of course some users aren't going to know that they can do this.

    Finally, the + symbol at the end of the directory permissions tells me that file access control lists might also be set on the directories. You might take a look at the man pages for getfacl and setfacl.

    Mike
    Last edited by oz; 09-16-2011 at 03:23 PM. Reason: SPAM removal

  4. #4
    Just Joined!
    Join Date
    Sep 2011
    Posts
    7
    Is there any way in linux i can assign 2 groups permission to the same folder and files.

  5. #5
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,393
    Quote Originally Posted by am09 View Post
    Is there any way in linux i can assign 2 groups permission to the same folder and files.
    AFAIK, this is possible if you are using access control lists (ACL) for permissions instead of traditional user/group permissions. For more information, read the acl man page.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  6. #6
    Just Joined!
    Join Date
    Sep 2011
    Posts
    7
    Thank you everyone on this forum.

    I read up on umask, sgid, ugid and that solved half of my problems. I am seeing that ACL's are set up on the server with users all over the place. I am going to add all these users according to group and add them with ACLs.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •