Ubuntu Forums - View Single Post

mjwood0

Solution!!!
Well, I guess I'm going to answer my own question -- but am also going to make sure I post it so others may benefit.

The solution is ACL -- POSIX Access Control Lists

Now -- I must say, I don't really fully understand all the features here. But they are quite powerful and were pretty easy to make work in my situation.

So, to start with, download acl.

Code:

sudo apt-get install acl

At this point, you have to modify your fstab file for the mount you want to be able to use ACL. But first, unmount this folder.

Code:

sudo umount /dev/sda5

You will obviously have to replace "sda5" with the appropriate partition.

Then, edit the fstab file to add "acl" to the mount options. It should look like this:

Code:

/dev/sda5       /home/data      ext3    defaults,acl    0     0

At this point, you need to re-mount the drives. Easy way is:

Code:

sudo mount -a

Okay. So you're back in business. In my case the directory I want to be read, write, execute for everyone in the group "data" is /home/data.

To see the acl permissions on this file, do the following:

Code:

mjwood@mojave7:~$ getfacl /home/data
getfacl: Removing leading '/' from absolute path names
# file: home/data
# owner: root
# group: data
user::rwx
group::rwx
other::r--

This pretty much tells you the same thing as a "ls -al" command.

What I wanted to do, was set the default permissions on the directory to rwx for all users in the "data" group.

Code:

sudo setfacl -dm g:data:rwx /home/data

Repeating the getfacl command now gives me this:

Code:

getfacl /home/data
getfacl: Removing leading '/' from absolute path names
# file: home/data
# owner: root
# group: data
user::rwx
group::rwx
other::r--
default:user::rwx
default:group::rwx
default:group:data:rwx
default:mask::rwx
default:other::r--

From what I can tell, the options mean the following:
-d -- Set the default permissions
-m -- Modify the selected permission

the rest of the command is as follows:
"g" is that I want to set permissions based on a group
"data" is the group I want to set the permissions for
"rwx" are the permissions I want to set.

Just an important note in case anyone tries this -- to remove acl permissions, execute the following on the directory:

Code:

sudo setfacl -b /directory/to/remove/permissions/from

I tested this and everything under this directory inherits the default permissions. Works great for what I want!

Now I just have to see if this survives a reboot...

Hope this helps. If I get a chance, I'll try to write my first howto -- that is if anyone thinks it would be useful!

March 16th, 2006
mjwood0 Gee! These Aren't Roasted! Join Date: Aug 2005 Beans: 178 Ubuntu 8.04 Hardy Heron	Re: Permissions on a shared directory Solution!!! Well, I guess I'm going to answer my own question -- but am also going to make sure I post it so others may benefit. The solution is ACL -- POSIX Access Control Lists Now -- I must say, I don't really fully understand all the features here. But they are quite powerful and were pretty easy to make work in my situation. So, to start with, download acl. Code: sudo apt-get install acl At this point, you have to modify your fstab file for the mount you want to be able to use ACL. But first, unmount this folder. Code: sudo umount /dev/sda5 You will obviously have to replace "sda5" with the appropriate partition. Then, edit the fstab file to add "acl" to the mount options. It should look like this: Code: /dev/sda5 /home/data ext3 defaults,acl 0 0 At this point, you need to re-mount the drives. Easy way is: Code: sudo mount -a Okay. So you're back in business. In my case the directory I want to be read, write, execute for everyone in the group "data" is /home/data. To see the acl permissions on this file, do the following: Code: mjwood@mojave7:~$ getfacl /home/data getfacl: Removing leading '/' from absolute path names # file: home/data # owner: root # group: data user::rwx group::rwx other::r-- This pretty much tells you the same thing as a "ls -al" command. What I wanted to do, was set the default permissions on the directory to rwx for all users in the "data" group. Code: sudo setfacl -dm g:data:rwx /home/data Repeating the getfacl command now gives me this: Code: getfacl /home/data getfacl: Removing leading '/' from absolute path names # file: home/data # owner: root # group: data user::rwx group::rwx other::r-- default:user::rwx default:group::rwx default:group:data:rwx default:mask::rwx default:other::r-- From what I can tell, the options mean the following: -d -- Set the default permissions -m -- Modify the selected permission the rest of the command is as follows: "g" is that I want to set permissions based on a group "data" is the group I want to set the permissions for "rwx" are the permissions I want to set. Just an important note in case anyone tries this -- to remove acl permissions, execute the following on the directory: Code: sudo setfacl -b /directory/to/remove/permissions/from I tested this and everything under this directory inherits the default permissions. Works great for what I want! Now I just have to see if this survives a reboot... Hope this helps. If I get a chance, I'll try to write my first howto -- that is if anyone thinks it would be useful! __________________ Linux User #395848