Dear Friends,
In Linux is there a way in which new files or folders created in a directory will inherit the directory's owner and group with the same permissions too? The new files or folders are currently getting created with the user and group of the user who created them. I want all the new data to have user:group and permissions of the parent directory.
I have tried different things like suid sgid sticky bit and even mounting the folder with a certain uid, gid and umask but new data does not inherit the same.
Thanks and Regards,
Rony.
Look into ACLs. ACLs override file attribute permissions, and you can set default ACLs to be inherited be files and folders.
On 12-Jul-2017 10:26 PM, "Rony Bill" gnulinuxist@gmail.com wrote:
Dear Friends,
In Linux is there a way in which new files or folders created in a directory will inherit the directory's owner and group with the same permissions too? The new files or folders are currently getting created with the user and group of the user who created them. I want all the new data to have user:group and permissions of the parent directory.
I have tried different things like suid sgid sticky bit and even mounting the folder with a certain uid, gid and umask but new data does not inherit the same.
Thanks and Regards,
Rony.
On Jul 12, 2017 22:31, "Pritam Baral" chhatoipritam@gmail.com wrote:
Look into ACLs. ACLs override file attribute permissions, and you can set default ACLs to be inherited be files and folders.
Okay, will look into that. Thanks.
Regards, Rony.
On Wed, Jul 12, 2017 at 10:26 PM, Rony Bill gnulinuxist@gmail.com wrote:
Dear Friends,
In Linux is there a way in which new files or folders created in a directory will inherit the directory's owner and group with the same permissions too? The new files or folders are currently getting created with the user and group of the user who created them. I want all the new data to have user:group and permissions of the parent directory.
Linux won't allow a non-root user to change file ownerships, as this could expose you to security/quota holes. In this case, its the process owner creating those files that counts and not the directory permissions.
I concur with Pritam.
Anurag
On Jul 13, 2017 19:16, "Anurag" gnurag@gmail.com wrote:
On Wed, Jul 12, 2017 at 10:26 PM, Rony Bill gnulinuxist@gmail.com wrote:
Dear Friends,
In Linux is there a way in which new files or folders created in a directory will inherit the directory's owner and group with the same permissions too? The new files or folders are currently getting created with the user and group of the user who created them. I want all the new data to have user:group and permissions of the parent directory.
Linux won't allow a non-root user to change file ownerships, as this could expose you to security/quota holes. In this case, its the process owner creating those files that counts and not the directory permissions.
I concur with Pritam.
Anurag --
Okay. Thanks Anurag.
Regards, Rony.
On Wed, Jul 12, 2017 at 9:56 AM, Rony Bill gnulinuxist@gmail.com wrote:
Dear Friends,
In Linux is there a way in which new files or folders created in a directory will inherit the directory's owner and group with the same permissions too? The new files or folders are currently getting created with the user and group of the user who created them. I want all the new data to have user:group and permissions of the parent directory.
I have tried different things like suid sgid sticky bit and even mounting the folder with a certain uid, gid and umask but new data does not inherit the same.
'setgid' should do the trick. Note: all users must be a member of the group.
Here's a small test case: user is sysadmin (sysadmin.sysadmin) *and* also a member of the 'adm' group. Set *all* the user's umask to 0002, this will allow group members to edit file and allow 'other' read only . Login as 'sysadmin' user.
$ cd /var/tmp/ $ mkdir testdir
$ ls -dl testdir # should show sysadmin.sysadmin ownership $ chmod 4775 testdir # you can change 5 to 0 if you don't want 'other' to read the directory or files. $ ls -dl testdir # should show setgid bit on, owner+group writable, $ chown sysadmin.adm testdir # should show 'sysadmin.adm' ownerships. $ cd testdir $ mkdir yadir # user sysadmin is able to create a directory $ ls -dl yadir # should show sysadmin.adm ownership $ touch testfile.txt # should show sysadmin.adm ownership with rwrwr-- perms
The key thing is *consistent* umask for all members of the group. You will run into issues if users create dirs/files with a different umask e.g. 0027
HTH. -- Arun Khan
On Jul 15, 2017 01:34, "Arun Khan" knura9@gmail.com wrote:
On Wed, Jul 12, 2017 at 9:56 AM, Rony Bill gnulinuxist@gmail.com wrote:
Dear Friends,
In Linux is there a way in which new files or folders created in a directory will inherit the directory's owner and group with the same permissions too? The new files or folders are currently getting created with the user and group of the user who created them. I want all the new data to have user:group and permissions of the parent directory.
I have tried different things like suid sgid sticky bit and even mounting the folder with a certain uid, gid and umask but new data does not inherit the same.
'setgid' should do the trick. Note: all users must be a member of the group.
Here's a small test case: user is sysadmin (sysadmin.sysadmin) *and* also a member of the 'adm' group. Set *all* the user's umask to 0002, this will allow group members to edit file and allow 'other' read only . Login as 'sysadmin' user.
$ cd /var/tmp/ $ mkdir testdir
$ ls -dl testdir # should show sysadmin.sysadmin ownership $ chmod 4775 testdir # you can change 5 to 0 if you don't want 'other' to read the directory or files. $ ls -dl testdir # should show setgid bit on, owner+group writable, $ chown sysadmin.adm testdir # should show 'sysadmin.adm' ownerships. $ cd testdir $ mkdir yadir # user sysadmin is able to create a directory $ ls -dl yadir # should show sysadmin.adm ownership $ touch testfile.txt # should show sysadmin.adm ownership with rwrwr-- perms
The key thing is *consistent* umask for all members of the group. You will run into issues if users create dirs/files with a different umask e.g. 0027
HTH. -- Arun Khan
Thanks Arun, will try it out.
Regards, Rony.
Hi Arun sir,
I have a request, is it possible for you to write a small tutorial about permission management in linux for our website? I would be great to have it on the website.
Let me know if you are interested.
Thank you
Hi Raghavendra,
On Fri, Jul 14, 2017 at 8:58 PM, Raghavendra Kamath raghavendr.raghu@gmail.com wrote:
Hi Arun sir,
I have a request, is it possible for you to write a small tutorial about permission management in linux for our website? I would be great to have it on the website.
Rather than reinvent the wheel, I found these YT vid-tutorial informative for Linux n00bs.
File permissions < http://bit.ly/2riDJjo%3E File redirection < http://bit.ly/2sS2Lu8%3E
The bottom line -- users need to embrace the command line interface (CLI).
Guru99 has a whole bunch of tutorials on YT https://goo.gl/Fv4eiM
You may want to get their permissions if you decide to put their links if you decide to link their content. (I have no affiliation with Guru99)
HTH
-- Arun Khan
-
Anurag -
Arun Khan -
Pritam Baral -
Raghavendra Kamath -
Rony Bill