Is there a fairly easy way to allow two users to write to the same hierarchy of files?
I want to enable two users to write to a specific hiearchy of files and I really can't see an easy way to do it. To be specific I have a hierarchy of files making up the data files of a wiki which I (mostly) edit directly but also need to be able to edit in the normal wiki fashion. Thus they need to be writeable by the apache2 process (which is user www-data) and directly by the user (which is me, user chris). Can anyone suggest a way to allow these to be writeable by both users? When a user creates a new file it must be editable by the other user as well so simply creating a common group to which both users belong won't work as, in general, the umask won't give files user write permission. -- Chris Green
On 11 November 2010 16:54, Chris G <cl@isbd.net> wrote:
I want to enable two users to write to a specific hiearchy of files and I really can't see an easy way to do it.
To be specific I have a hierarchy of files making up the data files of a wiki which I (mostly) edit directly but also need to be able to edit in the normal wiki fashion. Thus they need to be writeable by the apache2 process (which is user www-data) and directly by the user (which is me, user chris).
Can anyone suggest a way to allow these to be writeable by both users? When a user creates a new file it must be editable by the other user as well so simply creating a common group to which both users belong won't work as, in general, the umask won't give files user write permission.
I can suggest two ways, depending on what your distro supports:
1. You can set the sticky bit on the group so that all the files created in the directory are owned by the group rather than the user: i.e. 'chmod 2660 TheDir' The 2 sets the sticky bit for the group, replace the 660 with whatever you need. 2. You could use ACLs in addition to the normal User, Group, Other permissions. These can also be set to inherit so that new files created get the same permissions?
On Fri, Nov 12, 2010 at 11:56:49AM +0000, Karl Foley wrote:
On 11 November 2010 16:54, Chris G <[1]cl@isbd.net> wrote:
I want to enable two users to write to a specific hiearchy of files and I really can't see an easy way to do it.
To be specific I have a hierarchy of files making up the data files of a wiki which I (mostly) edit directly but also need to be able to edit in the normal wiki fashion. Thus they need to be writeable by the apache2 process (which is user www-data) and directly by the user (which is me, user chris).
Can anyone suggest a way to allow these to be writeable by both users? When a user creates a new file it must be editable by the other user as well so simply creating a common group to which both users belong won't work as, in general, the umask won't give files user write permission.
I can suggest two ways, depending on what your distro supports: 1. You can set the sticky bit on the group so that all the files created in the directory are owned by the group rather than the user: i.e. 'chmod 2660 TheDir' The 2 sets the sticky bit for the group, replace the 660 with whatever you need.
Thanks, I think this will probably do what I went when I have got my mind round the documentation. I *believe* the bit you call the 'sticky' bit is more usually called the SETGID bit.
2. You could use ACLs in addition to the normal User, Group, Other permissions. These can also be set to inherit so that new files created get the same permissions?
Links: 1. mailto:cl@isbd.net/
_______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
-- Chris Green
On 18 November 2010 18:26, Chris G <cl@isbd.net> wrote:
On Fri, Nov 12, 2010 at 11:56:49AM +0000, Karl Foley wrote:
I can suggest two ways, depending on what your distro supports: 1. You can set the sticky bit on the group so that all the files created in the directory are owned by the group rather than the user: i.e. 'chmod 2660 TheDir' The 2 sets the sticky bit for the group, replace the 660 with whatever you need.
Thanks, I think this will probably do what I went when I have got my mind round the documentation. I *believe* the bit you call the 'sticky' bit is more usually called the SETGID bit.
I think that's incorrect (in this context). In Linux, Set-GID is mode_t S_ISGID, and Sticky is S_ISVTX. See: man 2 chmod Srdjan
On 18 Nov 18:26, Chris G wrote:
On Fri, Nov 12, 2010 at 11:56:49AM +0000, Karl Foley wrote:
On 11 November 2010 16:54, Chris G <[1]cl@isbd.net> wrote:
I want to enable two users to write to a specific hiearchy of files and I really can't see an easy way to do it.
To be specific I have a hierarchy of files making up the data files of a wiki which I (mostly) edit directly but also need to be able to edit in the normal wiki fashion. Thus they need to be writeable by the apache2 process (which is user www-data) and directly by the user (which is me, user chris).
Can anyone suggest a way to allow these to be writeable by both users? When a user creates a new file it must be editable by the other user as well so simply creating a common group to which both users belong won't work as, in general, the umask won't give files user write permission.
I can suggest two ways, depending on what your distro supports: 1. You can set the sticky bit on the group so that all the files created in the directory are owned by the group rather than the user: i.e. 'chmod 2660 TheDir' The 2 sets the sticky bit for the group, replace the 660 with whatever you need.
Thanks, I think this will probably do what I went when I have got my mind round the documentation. I *believe* the bit you call the 'sticky' bit is more usually called the SETGID bit.
Indeed, 2 is the setgid bit, 1 would be the sticky bit which is a completely different thing. Better for reading would have been chmod g+s TheDir. The sticky bit (+t) means that only the owner of the file can delete it, no matter what the group permissions are. Cheers, -- Brett Parker http://www.sommitrealweird.co.uk/ PGP Fingerprint 1A9E C066 EDEE 6746 36CB BD7F 479E C24F 95C7 1D61
participants (4)
-
Brett Parker -
Chris G -
Karl Foley -
Srdjan Todorovic