[NTLUG:Discuss] force group ownership
Greg Edwards
greg at nas-inet.com
Sat Feb 2 12:19:38 CST 2002
Paul Ingendorf wrote:
>
> This SID/STICKY Bit grouping works much like it's partners the permission bits.
> Set UID = 100
> Set GID = 010
> Sticky = 001
>
The SUID/SGID control the actions of the owner and group assignments
regardless of user name.
For the problem under discussion I would set the user rwx, group rws,
and others r. Make each user that you want to be able to add files (or
modify) to the directory a member of the group. Now when members of the
group save a file in the directory the file will inherit the group name
of the directory. The owner of the file will still have their name
preserved and other users will not be able to modify (or save) any files
in the directory.
As Paul pointed out, if this is a data only directory you can use rwS
and no files in the directory can be executed.
example for data only directory:
as root
mkdir /home/pool
chgrp swimmer /home/pool
chmod u=rw,g=rwS,o=r /home/pool
Now any member of group swimmer can save a file in /home/pool and that
file will have rw-rw-r-- permissions assigned to it (before umask
adjustments). On top of that each file will have swimmer as the group
name no matter who the owner was. With this example each file will
maintain the orignal owner and only that owner will be able to change
the permissions. Any member of the group will be able to
write/delete/mv the file. Any user on the system will be able to read
(and cp) the file.
--
Greg Edwards
New Age Software, Inc.
http://www.nas-inet.com
More information about the Discuss
mailing list