umask, ACL inheritance and setgid +s not working with copy from flash drive in nautilus

Andy Graybeal andy.graybeal at casanueva.com
Wed Sep 15 11:42:37 UTC 2010 

On 09/14/2010 10:05 PM, Rashkae wrote:
> Tony Arnold wrote:
>> Everyone seems to have ignored my contribution to this thread. If I'm
>> wrong just tell me, but please do not just ignore me.
>>
>> Andy, you might let us know what permissions you were expecting given
>> the ACL you had set up on the directory.
>
>>>
>>> I think the permissions are correct. The defaults in the ACL say a file
>>> should get rwxrwxr-x but this is then AND'd with the default mask of rwx
>>> giving rwx------
>>>
>>> Or am I missing something?
>>>
>
> You're missing that the files he's copying have a permission of 600,
> which is preserved when they are copied to the new folder.  The ACL
> therefore does not get AND'd with rwxrwxr-x as it would with default
> mask, but rw--------, and therefore, doesn't work as wanted.
>

Tony, I wasn't ignoring you, but I didn't know (as in I'm not smart 
enough, yet) how to respond.  You clearly understand these things more 
than I do, I didn't know what to go with a response.
Please don't be offended, that wasn't my intention.  I should have 
thanked you and asked a question.

I would like to end up with the files looking like this:
-rw-rw-r--

This won't be a place where scripts or anything is stored, it's only for 
data files (documents and spreadsheets mostly), so nothing will get 
executed from this folder.

Obviously it would be nice when someone created folders they would look 
like this:
drwxrwxr-x

I would like the files to inherit the group owner of the directory 
(which I think i've accomplished, because it's working with both 
nautilus and gnome-terminal, and i did this with setgid +s).

If there is another approach I should be taking, I'm open to it.  This 
is just how I imagined my workplace would be able to work together on 
files, and people from the Finance team wouldn't be able to 'create, 
edit, delete' the files belonging to the Tech team, and vice-versa.  I 
would like the ability for everyone to read everyone else's work.

You have to understand that I'm fairly new to this, and I thought that 
this was a fairly popular way to work with files with groups of people 
working together.

I'm having second thoughts and doubting myself.  I'm also sorry for 
asking poorly thought out and confusing questions.  I keep reading the 
ACL documentation, but I admit that it's hard for me to understand.

-Andy

More information about the ubuntu-users mailing list