How are permissions inherited on an Ubuntu Server?
-
02-07-2019 - |
Question
Sorry for the second newbie question, I'm a developer not a sysadmin so this is all quite new to me. I hope I can explain myself clearly! Here goes.
Here's what I did:
Logged into the root account
Created the accounts 'richard' and 'austin'
Created the group 'developers', and added 'richard' and 'austin' to it
Created the directory /server, and used "chown richard:developers /server" to change the owner
Changed the permissions of /server to drwxrwxr-x (so the group can write to it)
Logged out of the root account, and into the 'richard' account
Created the directories /server/production and /server/staging
Used "ls -l" inside /server to list the contents, and found permissions of drwxr-xr-x and ownership of "richard:richard" for both /server/production and /server/staging. Consequently, 'austin' can edit inside the /server directory, but not inside the directories 'richard' created.
What am I doing wrong? I want to ensure that any files or folders created inside the /server directory have group write permissions and belong to the developers group. How do I go about that?
Thanks for any help!
Solution
Looks like you want to use "chmod g+s" or "chmode 2775" to get the SetGID bit set on the directory, that should preserve the group if I remember my permission modes properly.
OTHER TIPS
When you created the directories as richard the system assumed that you were the owner and set you as the owner, you can either change the ownership and permissions manualy
sudo chown richard:developers
sudo chmod 775
or
set the default permissions for creating files/folders (found this: http://wiki.slicehost.com/doku.php?id=setting_up_ubuntu_slice_with_django_postgresql_ledgersmb_and_openvpn)
or
use acl's (see: http://ubuntuforums.org/showpost.php?p=3718480&postcount=12) for details
How did you change the permissions of /server? Do it recursively, if you didn't.
Good luck!
you must have set a restrictive umask
edit ~/.bash_profile
and modify the umask setting for the specific user.