Make new user sub-folders inherit parent permissions

Ioannis Vranos ioannis.vranos at gmail.com
Mon Jan 21 02:50:18 UTC 2013


On Mon, Jan 21, 2013 at 2:40 AM, John Hupp <lubuntu at prpcompany.com> wrote:
>
> OK, thanks to all who have responded so far.
>
> From the several responses here and additional reading, I'm glad to come to
> the understanding that there is only one set of user/group configuration
> information (/etc/passwd, /etc/group and /etc/shadow), though it can be
> managed by different available tools.  (This in contrast to network
> configuration, which really does support two different configuration
> systems.)
>
> For a case where it is desirable for a couple users to work with the same
> set of files, I'm now thinking that my fundamental approach was not quite
> right and that I do not need to involve or maybe should not involve the
> "users" system group.
>
> What I'm now thinking should be the setup:
> 1) Assign /home/user1 as the co-home directory for user2.
> 2) Assign user2 to the user1 group as user2's *primary* group.
> 3) Leave the ownership of /home/user1 as Owner: user1 and Group: user1.
> With the /home/user1 permissions such that owner and group can edit, user1
> and user2 should then be able to freely create, access and edit everything
> in /home/user1.
> 4) Delete /home/user2.
>
> I expect then that this would solve my original problem in which new
> sub-folders did not inherit ownership by the "users" group.  And maybe
> better respects Linux design principles.
>
> Is that a good and workable proposed setup?  Is there any obvious
> consideration I am missing?


Linux ownership also includes SetUID and SetGID.

If SetUID is set for an executable, then when any user runs this file,
it is as if the user set by SetUID is running the file.

If SetGID is set for an executable, it is as if the user that runs it
belongs to the group specified by SetGID.


If SetGID is set for a directory, then all files created in this
directory, by any user, have their group ownership set to the group
specified by SetGID, and not to the primary group of the user that
creates the file.

So, I think in your situation, a nice approach is to add user1 and
user2 to group "users" (NOT as their primary group), and then set the
SetGID attribute of their common directory to "users".


-- 
Ioannis Vranos

http://cppsoftware.binhoster.com
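
Added example, not part of the original message: the SetGID shared-directory setup from the reply above, together with a check that lists entries which have drifted from it. The function names make_shared and audit_shared and the demo paths are hypothetical; the demo runs in a temporary directory with the caller's own group standing in for "users", and assumes Linux, where new sub-directories inherit the SetGID bit.

```shell
#!/bin/sh
# Added example (not from the thread). Function names and paths are hypothetical.

# make_shared DIR GROUP: create DIR, hand it to GROUP, set setgid + rwxrwxr-x.
make_shared() {
    mkdir -p "$1" && chgrp "$2" "$1" && chmod 2775 "$1"   # leading 2 = setgid
}

# audit_shared DIR GROUP: list entries that break the shared-directory setup.
audit_shared() {
    # Group differs: created before setgid was set, or moved in with mv.
    find "$1" ! -group "$2" -print | sed 's/^/wrong-group /'
    # Sub-directory without setgid: new files below it get the creator's
    # primary group again.
    find "$1" -type d ! -perm -2000 -print | sed 's/^/no-setgid /'
    # Not group-writable: typically created under umask 022 instead of 002.
    find "$1" ! -perm -020 -print | sed 's/^/no-group-write /'
}

# Constructed demo in a throwaway directory, using the caller's own group
# so it runs without root. On the real system GROUP would be "users".
demo() {
    tmp=$(mktemp -d) || return 1
    gid=$(id -g)
    (
        umask 002
        make_shared "$tmp/shared" "$gid"
        mkdir "$tmp/shared/docs"              # inherits group and setgid bit
        touch "$tmp/shared/docs/notes.txt"    # group-writable under umask 002
        umask 022
        touch "$tmp/shared/docs/private.txt"  # group cannot edit this one
        chmod g-s "$tmp/shared/docs"          # simulate a lost setgid bit
        audit_shared "$tmp/shared" "$gid"     # reports docs and private.txt
    )
    rm -rf "$tmp"
}
demo
```

SetGID on the directory only fixes group ownership; whether the other user can edit a new file still depends on the creator's umask, which is why the audit checks group write as well.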


