geek thoughts- shared folders in ubuntu with setgid and acl

7/28/2019 Geek Thoughts- Shared Folders in Ubuntu With Setgid and ACL

1/7

Thursday, 29 April 2010

Shared

Introduction

There is an often requested feature on Linux (or UNIX) to have the

ability to create shared directories similar to what is possible in

Windows, that is a directory in which every person who has been

given access can read, write or modify files. However, because

Linux file systems such as ext4 enforce file permissions that are

stricter than any of the windows file systems such asFAT or NTFS,

creating such a directory is not obvious. Of course, if you put your

shared directory on a FAT or NTFS partition, it will automatically

behave just like in Windows but that requires a separate partition

and doesn't allow you to enforce permissions on a per-group basis.

So here's a quick guide on how to do this with Ubuntu. The same

principles apply to other Linux distributions so should be portable.

Use Cases

Let's go through a couple of classic use cases first, to identify

exactly what we want to do.

Project Folder

In a company or university setting where users are assigned to

project teams or departments, it can be useful to create shared

folders where all members of the team can drop files that are

useful for the whole team. They need to be able to create, update,

delete files, all in the same folder. They also need to be able to

read, update or delete files created by other members of the

team. However, users external to the team should only have read

access.

Web Development

For anybody doing web development on Linux, a classic problem is

when you have to deal with development or test web servers. The

default web server process runs with the www-data user and the

document directory is owned by the same user. It would be great

if all web developers on the team were able to update the

document directory on the server while not requiring root access

to do so.

Linux Default Behaviour

Linux has the concept of user groups. You can check what groups

your user belongs to by typing the following on the command line:

$ groups

bruno adm dialout cdrom plugdev lpadmin admin sambashare

On a default Linux installation, groups are used to give ac cess to

specific features to different users, such as the ability to

administer the system or use the CD-ROM drive. But one of the

Followers

+7 Recommend this on Goog le

Friends

Suddenly single at 32.....

Coofer Cat

I got 99 problems

910

MaYa D on lifeOnly Somewhat Boring

More About Me

My photos on flickr

My photos on DHD Multimedia

Gallery

Music I lis ten to

Travels

Blog Archive

2013 (3)

2012 (4)

2011 (6)

2010 (25)

December (1)

November (1)

October (1)

September (5)

August (4)

July (2)

May (2)

April (2)

Shared Fo lders in Ubuntu with setgid

and ACL

Ubuntu Lucid Netbook Remix from

Alternate CD

March (3)

February (3)

7Share More Next Blog Create Blog Sign In

Geek ThoughtsGeek Thoughts

Random thoughts and ideas from a French geek in London

Geek Thoughts: Shared Folders in Ubuntu with setgid and ACL 26/03/13

http://brunogirin.blogspot.de/2010/03/shared-folders-in-ubuntu-with-setgid.html 1 / 7
http://gallery.hd.org/_virtual/ByAuthor/BG/http://somebore.blogspot.com/http://juliagomez.blogspot.com/http://www.coofercat.com/http://brunogirin.blogspot.de/http://brunogirin.blogspot.de/http://void%280%29/http://brunogirin.blogspot.de/2010_08_01_archive.htmlhttp://brunogirin.blogspot.de/2010_02_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_03_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010/04/ubuntu-lucid-netbook-remix-from.htmlhttp://brunogirin.blogspot.de/2010/03/shared-folders-in-ubuntu-with-setgid.htmlhttp://brunogirin.blogspot.de/2010_04_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_05_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_07_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_08_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_09_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_10_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_11_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/2010_12_01_archive.htmlhttp://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2010-01-01T00:00:00Z&updated-max=2011-01-01T00:00:00Z&max-results=25http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2011-01-01T00:00:00Z&updated-max=2012-01-01T00:00:00Z&max-results=6http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2012-01-01T00:00:00Z&updated-max=2013-01-01T00:00:00Z&max-results=4http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2013-01-01T00:00:00Z&updated-max=2014-01-01T00:00:00Z&max-results=3http://void%280%29/http://www.43places.com/person/brunogirinhttp://www.last.fm/user/brunogirin/http://gallery.hd.org/_virtual/ByAuthor/BG/http://www.flickr.com/photos/brunogirin/http://somebore.blogspot.com/http://mydonlife.blogspot.com/http://juliagomez.blogspot.com/http://ninedeenine.blogspot.com/http://www.coofercat.com/http://suddenlysingleat32.blogspot.com/http://en.wikipedia.org/wiki/Ntfshttp://en.wikipedia.org/wiki/File_Allocation_Tablehttp://en.wikipedia.org/wiki/Ext4http://brunogirin.blogspot.de/2010/03/shared-folders-in-ubuntu-with-setgid.htmlhttp://brunogirin.blogspot.de/


2/7
http://brunogirin.blogspot.de/search/label/frenchhttp://brunogirin.blogspot.de/search/label/fashionhttp://brunogirin.blogspot.de/search/label/exiftoolhttp://brunogirin.blogspot.de/search/label/eurostarhttp://brunogirin.blogspot.de/search/label/errorhttp://brunogirin.blogspot.de/search/label/emailhttp://brunogirin.blogspot.de/search/label/drmhttp://brunogirin.blogspot.de/search/label/dnshttp://brunogirin.blogspot.de/search/label/dhcphttp://brunogirin.blogspot.de/search/label/courierhttp://brunogirin.blogspot.de/search/label/businesshttp://brunogirin.blogspot.de/search/label/broadbandhttp://brunogirin.blogspot.de/search/label/bloggerhttp://brunogirin.blogspot.de/search/label/British%20Gashttp://brunogirin.blogspot.de/search/label/3http://brunogirin.blogspot.de/search/label/vodafonehttp://brunogirin.blogspot.de/search/label/techniqueshttp://brunogirin.blogspot.de/search/label/politicshttp://brunogirin.blogspot.de/search/label/petitionshttp://brunogirin.blogspot.de/search/label/nokiahttp://brunogirin.blogspot.de/search/label/montignachttp://brunogirin.blogspot.de/search/label/languageshttp://brunogirin.blogspot.de/search/label/jokeshttp://brunogirin.blogspot.de/search/label/iehttp://brunogirin.blogspot.de/search/label/graphhttp://brunogirin.blogspot.de/search/label/googlehttp://brunogirin.blogspot.de/search/label/energy%20efficiencyhttp://brunogirin.blogspot.de/search/label/diethttp://brunogirin.blogspot.de/search/label/designhttp://brunogirin.blogspot.de/search/label/databasehttp://brunogirin.blogspot.de/search/label/bashhttp://brunogirin.blogspot.de/search/label/apachehttp://brunogirin.blogspot.de/search/label/algorithmshttp://brunogirin.blogspot.de/search/label/windowshttp://brunogirin.blogspot.de/search/label/shotwellhttp://brunogirin.blogspot.de/search/label/networkshttp://brunogirin.blogspot.de/search/label/intrepidhttp://brunogirin.blogspot.de/search/label/firmwarehttp://brunogirin.blogspot.de/search/label/charityhttp://brunogirin.blogspot.de/search/label/canonhttp://brunogirin.blogspot.de/search/label/applehttp://brunogirin.blogspot.de/search/label/shoppinghttp://brunogirin.blogspot.de/search/label/recyclinghttp://brunogirin.blogspot.de/search/label/mobilehttp://brunogirin.blogspot.de/search/label/thoughtshttp://brunogirin.blogspot.de/search/label/microsofthttp://brunogirin.blogspot.de/search/label/foodhttp://brunogirin.blogspot.de/search/label/octavehttp://brunogirin.blogspot.de/search/label/mathshttp://brunogirin.blogspot.de/search/label/juliahttp://brunogirin.blogspot.de/search/label/imageshttp://brunogirin.blogspot.de/search/label/os-xhttp://brunogirin.blogspot.de/search/label/mandelbrothttp://brunogirin.blogspot.de/search/label/fractalshttp://brunogirin.blogspot.de/search/label/graphicshttp://brunogirin.blogspot.de/search/label/travelhttp://brunogirin.blogspot.de/search/label/softwarehttp://brunogirin.blogspot.de/search/label/webhttp://brunogirin.blogspot.de/search/label/newshttp://brunogirin.blogspot.de/search/label/tipshttp://brunogirin.blogspot.de/search/label/photographyhttp://brunogirin.blogspot.de/search/label/howtohttp://brunogirin.blogspot.de/search/label/developmenthttp://brunogirin.blogspot.de/search/label/ubuntuhttp://brunogirin.blogspot.de/search/label/rantshttp://brunogirin.blogspot.de/search/label/technologyhttp://brunogirin.blogspot.de/search/label/quirkyhttp://brunogirin.blogspot.de/search/label/linuxhttp://brunogirin.blogspot.de/search?updated-min=2004-01-01T00:00:00Z&updated-max=2005-01-01T00:00:00Z&max-results=50http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2005-01-01T00:00:00Z&updated-max=2006-01-01T00:00:00Z&max-results=50http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2006-01-01T00:00:00Z&updated-max=2007-01-01T00:00:00Z&max-results=50http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2007-01-01T00:00:00Z&updated-max=2008-01-01T00:00:00Z&max-results=50http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2008-01-01T00:00:00Z&updated-max=2009-01-01T00:00:00Z&max-results=31http://void%280%29/http://brunogirin.blogspot.de/search?updated-min=2009-01-01T00:00:00Z&updated-max=2010-01-01T00:00:00Z&max-results=26http://void%280%29/http://brunogirin.blogspot.de/2010_01_01_archive.htmlhttp://void%280%29/


3/7
http://brunogirin.blogspot.de/search/label/jauntyhttp://brunogirin.blogspot.de/search/label/interfacehttp://brunogirin.blogspot.de/search/label/installationhttp://brunogirin.blogspot.de/search/label/infra-redhttp://brunogirin.blogspot.de/search/label/ifthenhttp://brunogirin.blogspot.de/search/label/housinghttp://brunogirin.blogspot.de/search/label/hlchttp://brunogirin.blogspot.de/search/label/hardyhttp://brunogirin.blogspot.de/search/label/hackdayhttp://brunogirin.blogspot.de/search/label/gutsyhttp://brunogirin.blogspot.de/search/label/guadechttp://brunogirin.blogspot.de/search/label/green%20dealhttp://brunogirin.blogspot.de/search/label/governmenthttp://brunogirin.blogspot.de/search/label/gnuplothttp://brunogirin.blogspot.de/search/label/gnomehttp://brunogirin.blogspot.de/search/label/gmailhttp://brunogirin.blogspot.de/search/label/githubhttp://brunogirin.blogspot.de/search/label/geekthoughtshttp://brunogirin.blogspot.de/search/label/gearshttp://brunogirin.blogspot.de/search/label/furniturehttp://brunogirin.blogspot.de/search/label/friendshttp://brunogirin.blogspot.de/search/label/frameworkshttp://brunogirin.blogspot.de/search/label/footerhttp://brunogirin.blogspot.de/search/label/firefoxhttp://brunogirin.blogspot.de/search/label/fancyhdrhttp://brunogirin.blogspot.de/search/label/fairtradehttp://brunogirin.blogspot.de/search/label/excelhttp://brunogirin.blogspot.de/search/label/eeehttp://brunogirin.blogspot.de/search/label/ebookhttp://brunogirin.blogspot.de/search/label/documenthttp://brunogirin.blogspot.de/search/label/dbushttp://brunogirin.blogspot.de/search/label/csshttp://brunogirin.blogspot.de/search/label/cookiehttp://brunogirin.blogspot.de/search/label/colourhttp://brunogirin.blogspot.de/search/label/climatehttp://brunogirin.blogspot.de/search/label/changehttp://brunogirin.blogspot.de/search/label/cernhttp://brunogirin.blogspot.de/search/label/calibrehttp://brunogirin.blogspot.de/search/label/bugshttp://brunogirin.blogspot.de/search/label/bsihttp://brunogirin.blogspot.de/search/label/bookshttp://brunogirin.blogspot.de/search/label/bloghttp://brunogirin.blogspot.de/search/label/beerhttp://brunogirin.blogspot.de/search/label/bayershttp://brunogirin.blogspot.de/search/label/bankinghttp://brunogirin.blogspot.de/search/label/asushttp://brunogirin.blogspot.de/search/label/assessmenthttp://brunogirin.blogspot.de/search/label/alternatehttp://brunogirin.blogspot.de/search/label/activismhttp://brunogirin.blogspot.de/search/label/aclhttp://brunogirin.blogspot.de/search/label/accessibilityhttp://brunogirin.blogspot.de/search/label/Siemenshttp://brunogirin.blogspot.de/search/label/National%20Gridhttp://brunogirin.blogspot.de/search/label/workplacehttp://brunogirin.blogspot.de/search/label/wirelesshttp://brunogirin.blogspot.de/search/label/wi-fihttp://brunogirin.blogspot.de/search/label/vegetarianhttp://brunogirin.blogspot.de/search/label/valahttp://brunogirin.blogspot.de/search/label/svghttp://brunogirin.blogspot.de/search/label/supporthttp://brunogirin.blogspot.de/search/label/subversionhttp://brunogirin.blogspot.de/search/label/spamhttp://brunogirin.blogspot.de/search/label/soundhttp://brunogirin.blogspot.de/search/label/skypehttp://brunogirin.blogspot.de/search/label/securityhttp://brunogirin.blogspot.de/search/label/pythonhttp://brunogirin.blogspot.de/search/label/privacyhttp://brunogirin.blogspot.de/search/label/phphttp://brunogirin.blogspot.de/search/label/peruhttp://brunogirin.blogspot.de/search/label/open%20sourcehttp://brunogirin.blogspot.de/search/label/musichttp://brunogirin.blogspot.de/search/label/meterhttp://brunogirin.blogspot.de/search/label/maverickhttp://brunogirin.blogspot.de/search/label/mapshttp://brunogirin.blogspot.de/search/label/lucidhttp://brunogirin.blogspot.de/search/label/lawhttp://brunogirin.blogspot.de/search/label/latexhttp://brunogirin.blogspot.de/search/label/imagemagickhttp://brunogirin.blogspot.de/search/label/htmlhttp://brunogirin.blogspot.de/search/label/hardwarehttp://brunogirin.blogspot.de/search/label/gashttp://brunogirin.blogspot.de/search/label/games


4/7
http://brunogirin.blogspot.de/search/label/zendhttp://brunogirin.blogspot.de/search/label/xmashttp://brunogirin.blogspot.de/search/label/wikipediahttp://brunogirin.blogspot.de/search/label/webdavhttp://brunogirin.blogspot.de/search/label/webcamhttp://brunogirin.blogspot.de/search/label/viruseshttp://brunogirin.blogspot.de/search/label/usabilityhttp://brunogirin.blogspot.de/search/label/usahttp://brunogirin.blogspot.de/search/label/upgradehttp://brunogirin.blogspot.de/search/label/unixhttp://brunogirin.blogspot.de/search/label/typographyhttp://brunogirin.blogspot.de/search/label/trainhttp://brunogirin.blogspot.de/search/label/testinghttp://brunogirin.blogspot.de/search/label/tennishttp://brunogirin.blogspot.de/search/label/standardhttp://brunogirin.blogspot.de/search/label/sshhttp://brunogirin.blogspot.de/search/label/sportshttp://brunogirin.blogspot.de/search/label/spacehttp://brunogirin.blogspot.de/search/label/sonyhttp://brunogirin.blogspot.de/search/label/searchhttp://brunogirin.blogspot.de/search/label/scriptinghttp://brunogirin.blogspot.de/search/label/sciencehttp://brunogirin.blogspot.de/search/label/ruleshttp://brunogirin.blogspot.de/search/label/pygraphhttp://brunogirin.blogspot.de/search/label/pulseaudiohttp://brunogirin.blogspot.de/search/label/praisehttp://brunogirin.blogspot.de/search/label/plastichttp://brunogirin.blogspot.de/search/label/photoshophttp://brunogirin.blogspot.de/search/label/phishinghttp://brunogirin.blogspot.de/search/label/patentshttp://brunogirin.blogspot.de/search/label/outlookhttp://brunogirin.blogspot.de/search/label/openofficehttp://brunogirin.blogspot.de/search/label/openerphttp://brunogirin.blogspot.de/search/label/netbookhttp://brunogirin.blogspot.de/search/label/n900http://brunogirin.blogspot.de/search/label/movieshttp://brunogirin.blogspot.de/search/label/minutiaehttp://brunogirin.blogspot.de/search/label/medibuntuhttp://brunogirin.blogspot.de/search/label/managementhttp://brunogirin.blogspot.de/search/label/maemohttp://brunogirin.blogspot.de/search/label/localhttp://brunogirin.blogspot.de/search/label/linkshttp://brunogirin.blogspot.de/search/label/linkedinhttp://brunogirin.blogspot.de/search/label/libreofficehttp://brunogirin.blogspot.de/search/label/letterhttp://brunogirin.blogspot.de/search/label/leopardhttp://brunogirin.blogspot.de/search/label/lastpagehttp://brunogirin.blogspot.de/search/label/laptophttp://brunogirin.blogspot.de/search/label/kmlhttp://brunogirin.blogspot.de/search/label/junithttp://brunogirin.blogspot.de/search/label/java


5/7

Granting a user write access to the team folder is now extremely

easy: you can just add that user from the team's group when he

joins the team:

$ sudo usermod -a -G teamgroup joiner

Wherejoineris the user ID of the user joining the team. Revoking

access is nearly as easy, you just need to remove the user from

the team's group. Unfortunately, there is no way to do this in a

simple command so you will have to edit the file /etc/group, find

the group and remove the user ID from that group.

Variations

Restrict Delete and Rename to Owner

By default, any user who has write access to a file can delete or

rename it. This means that any member of the team can delete or

rename any file c reated by another member. This is generally OK

but if it is not, it can also be restricted by setting the sticky biton

the directory:

$ chmod +t teamfolder

$ ls -l

drwxrwsr-t 2 teamuserteamgroup 4096 2010-03-03 14:32

This feature is used on the /tmp directory to ensure that all files

created in that directory can only be deleted by their owners.

Restrict Access for Ot hers

Another variation that may be more useful is to completely deny

access for users that are not part of the team. it may be that a

particular team is working on some sensitive stuff and you don't

want anybody outside the team to see it. To do this, we just

revoke all permissions and ACLs for others on the team folder:

$ chmod o-rx teamfolder

$ setfacl -d -m o::--- teamfolder

References

Howto: Linux Add User To Group

Using ACLs with Fedora Core 2

setuid (and setgid) on Wikipedia

Sticky bit on Wikipedia

Pos ted by Bruno Girin at 14:17

Labels: ac l, howto, linux, ubuntu

16 comments:

Rick said...

Very helpful, just what I've been looking for, thanks.

06 June, 2010 23:27

Anonymous said...

I've used this method in the past, but I was curious if you

have a solution for when a user creates a new file under the

shared directory and their loc al umask removes the group

write permissions.


http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1275863274008#c4041126486466148113http://www.blogger.com/profile/00535469148300556683http://brunogirin.blogspot.de/search/label/ubuntuhttp://brunogirin.blogspot.de/search/label/linuxhttp://brunogirin.blogspot.de/search/label/howtohttp://brunogirin.blogspot.de/search/label/aclhttp://www.blogger.com/share-post.g?blogID=6863089&postID=8885757477231995874&target=facebookhttp://www.blogger.com/share-post.g?blogID=6863089&postID=8885757477231995874&target=twitterhttp://www.blogger.com/share-post.g?blogID=6863089&postID=8885757477231995874&target=bloghttp://www.blogger.com/share-post.g?blogID=6863089&postID=8885757477231995874&target=emailhttp://www.blogger.com/email-post.g?blogID=6863089&postID=8885757477231995874http://brunogirin.blogspot.de/2010/03/shared-folders-in-ubuntu-with-setgid.htmlhttp://en.wikipedia.org/wiki/Sticky_bithttp://en.wikipedia.org/wiki/Setuidhttp://www.vanemery.com/Linux/ACL/linux-acl.htmlhttp://www.cyberciti.biz/faq/howto-linux-add-user-to-group/


6/7

Is there anyway to force the group permission to propagate

downward?

24 June, 2010 15:16

Anonymous said...

Bruno,

I have recently done the exact same thing and when the files

are created in the directory, everything works great.

However if someone c opies a file into the directory, the file

still retains it's original permissions. I've done this using

either 'cp' inside of gno me-terminal and drag-and-drop inside

of Nautilus with the same effec t.

Is there a way to have the copied file inherit the correct ACL?

-Andy

25 October, 2010 14:11

Bruno said...

@Andy: yes, I noticed that too. I haven't found a solution

yet. If I do, I'll post it.

25 October, 2010 20:35

David said...

No need to reboot to enable a new option on a mount.

After editing fstab, simple run as root:

mount -o remount /mountpoint

25 January, 2011 06:56

Bruno said...

David, does mount -o remount /mountpoint also works on /,

/usr or /home? In o lden UNIX days , / and /us r couldn't be

remounted safely and it was never safe to remount /home

when connected as a normal user so I tend to be c areful

with those.

25 January, 2011 20:34

David said...

I have had no problems running remount on ANY partition; I

have remounted / on production servers etc. No issues .

mount -o remo unt is different to umount && mount.

26 January, 2011 23:25

Bruno said...

Thanks David, I'll keep that advice fo r the future!

28 January, 2011 00:48

nvick said...

My fix for the file co py on permissions was to make sure the

sshd umask was set to 002 also.

10 February, 2011 19:25

Anonymous said...

Thank you so much. I have been trying to find out how to do

this fo r ages. I was almos t getting to the stage of returning

to the dark side to avoid these permiss ions problems.

02 July, 2011 18:58

Joe said...

Great article, this is possibly one of the best written articles I

have read so far on the setgid and ACL. Thank you.

23 September, 2011 00:07

Flittermice said...

Thanks fo r writing that before I s hould get the idea to us e a


http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1316732835983#c5278168291169733711http://usefulubuntu.blogspot.com/http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1309629537698#c2633061194717947886http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1297365948747#c7953687485027536234http://www.blogger.com/profile/09047585868779358477http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1296175701278#c334677777011390326http://www.blogger.com/profile/01600375579955596177http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1296084322552#c7214732848346329110http://www.blogger.com/profile/07400822565113553939http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1295987675962#c3232384023196189906http://www.blogger.com/profile/01600375579955596177http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1295938563226#c6347486609548562608http://www.blogger.com/profile/07400822565113553939http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1288035329894#c5246934357733487604http://www.blogger.com/profile/01600375579955596177http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1288012274278#c1022932820938422304http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1277388997780#c7501183787957593367


7/7

Newer Post Older Post

Post a Comment

Home

Subscribe to: Post Comments (Atom)

spare NTFS partition :-)

for already existing files type

sudo chown -R youruser:yourgroup *

for setting user and group,

chmod -R g+rwX *

for making everything writable and making (only) the

directories executable,

find -type d -exec chmod g+s {} \;

for setting the directories setgid.12 October, 2011 19:39

nicolas roy said...

That's a real great post !

Thanks a lot.

21 October, 2011 11:53

Anonymous said...

Does removing a user from the group really have the full

desired effec t? The files that this user c reated still belong

him, so he still can modify and erase them, right?

03 November, 2011 18:32

jhaand said...

Thanks this setup works quite well.

Previously I mo unted a loc al directory as CIFS share. But it

creates s ome troubles at startup. The Samba service must

be available during boot.

I now use the method mentioned here and also share the

directory as samba share for o ther computers.

The problem that not all permissions and group-id's are

inherited when copying more directories remains present. If

this as pect produces any problems, I might use the hourly

cron job. It will do a recursive c hmod and chgrp on the

shared folder every hour.

21 July, 2012 17:26

password shared folder said...

Nice post. I have had no problems running remount on ANY

partition

12 September, 2012 10:50

http://brunogirin.blogspot.com/feeds/8885757477231995874/comments/defaulthttp://brunogirin.blogspot.de/http://brunogirin.blogspot.de/2010/04/ubuntu-lucid-netbook-remix-from.htmlhttp://brunogirin.blogspot.de/2010/05/backup-and-restore-subversion.htmlhttp://www.blogger.com/comment.g?blogID=6863089&postID=8885757477231995874http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1347443430119#c6788387750617167730http://www.kakasoft.com/password-protect-shared-folder/http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1342887983570#c6604652924187836690http://www.blogger.com/profile/10167704596765735037http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1320345171612#c9169852613578499731http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1319194406983#c4423522399129043497http://brunogirin.blogspot.com/2010/03/shared-folders-in-ubuntu-with-setgid.html?showComment=1318444763940#c821817838630604878

geek thoughts- shared folders in ubuntu with setgid and acl

Documents