topic Re: Permissions in Operating System - Linux

Permissions

Oviwan — Mon, 15 May 2006 03:14:36 GMT

Hi @ll

assumption of the folder permission:
root@ex10110:/home/oracle# ll | grep test
drwxr-xr-x 2 oracle dba 96 May 15 10:05 test

assumption of the file permission:
root@ex10110:/home/oracle/test# ll
total 0
-rw-r--r-- 1 oracle dba 0 May 15 10:05 blah
-rw-r--r-- 1 oracle dba 0 May 15 10:05 blah2

now when i create a file as root then the file permissions looks as follow:
-rw-r--r-- 1 root sys 0 May 15 10:05 blubb

what can i do, that the folder/file/owner/group permissions are like the permissions of the higher folder even when I create the files as an other user? I have nowhere found an option in chmod, chown or chgrp, is there an other command?

Regards

Re: Permissions

Alexander Chuzhoy — Mon, 15 May 2006 03:51:47 GMT

In current state only the owner is able to create files in the directory.

You can use the following:
create some group and add all users that you would like to be able to write under that directory to this group.

change the group ownership of that directory:
chgrp groupname foldername

Execute
chmod g+s foldername
This will make all files created in this folder to have the same group as the folder.

Re: Permissions

Oviwan — Mon, 15 May 2006 06:01:29 GMT

Thank, but now the permissions:
when I create a new file with any user, then the permission of the files are 644, how can I take the permission of the higher folder?

Regards

Re: Permissions

Vitaly Karasik_1 — Mon, 15 May 2006 06:38:53 GMT

>how can I take the permission of the higher folder?

I don't think that this is doable.
AFAIK, you should change default umask for *all* users if you want to change new files permission.

Rgds,
Vitaly

Re: Permissions

Oviwan — Mon, 15 May 2006 07:31:55 GMT

Ty,
in fact there is no chance to set an option equivalent to this in windows "Allow inheritable permissions from parent to propagate to this object"?

Regards

Re: Permissions

Matti_Kurkela — Mon, 15 May 2006 08:07:52 GMT

When a user creates a file or a directory, he always becomes its owner. This cannot be changed. Only exception for that is filesystems which do not support unix-style permissions (e.g. VFAT).

Normally the new file gets its group ownership in the same way (i.e. the same as the creator's primary group). This *can* be changed: by setting the directory's group as desired and setting the directory's sgid permission (chmod g+s directoryname) all files and directories created in the directory get the same group ownership as the directory. The sgid permission gets also added automatically to all new subdirectories of the original directory with the sgid permission.
(In some Unix-like operating systems, files and directories created as root will ignore the directory-sgid effect.)

The permissions (read/write/execute bits) are determined according to the user's umask setting, and no directory can affect that.

However, in most modern Linuxes, each new user gets a personal group of his own (with a GID equal to the user's UID). This allows you to set your system's default umask as 002 (or 007). With that value, the users will create files in their home directories that are group writable by default... but that is no problem, because the group that has the write permissions contains only the user himself.

With this setup, creating group writable directories becomes easy: the admin creates the top directory as root, then sets the correct group ownership, permissions and sgid for the directory. After that, the users belonging to the correct group can do all the rest.