Results 1 to 9 of 9

Thread: Newly Created Users Have Their Own Groups But...

  1. #1
    Join Date
    Feb 2016
    Beans
    104

    Newly Created Users Have Their Own Groups But...

    I was really torn on what title to give this post. I'm fine-tuning permissions on shares and have found an odd "anomaly" associated with the groups that are automatically created when you create a user. For instance, if you create 'user1' a group called 'user1' is also created. All well and good. But I'm trying to implement a sort of private directory for users and I've either arrived at the wrong paradigm or I'm not understanding how groups and permissions in Ubuntu work. And, yes, it could be both.

    Let's say I created my own administration user called 'myadmin'. Then I create a user of the server called 'user1'. In order to give them their own space on the server I create a directory called 'user1data'. In order to give them full rights to their directory I can execute 'sudo chgrp user1 user1data'. With a chmod statement using '770' I'll give the directory owner and the user's group all rights while not allowing anyone else access.

    In my mind, I should be able to add the 'myadmin' user to the user's group named 'user1' and have all access. But this doesn't work. The user 'myadmin' gets no access while the user, 'user1' gets all access. If I create a new group, such as 'user1datagroup' and make 'user1' as well as 'myadmin' users, then 'sudo chgrp user1datagroup user1data'. All will work fine.

    Clearly, the group created for each user when the user itself is created doesn't behave like a normal group when it comes to permissions.

    Why is that?

    I'll assume I can't fix that and will think about another way to manage shares and private directories. But, for now, I'd at least like to have my observation affirmed with an explanation of the odd-seeming-to-me (noob) behavior.

    Thanks!
    Last edited by kazz2; February 21st, 2016 at 10:02 PM.

  2. #2
    Join Date
    Oct 2005
    Location
    Lab, Slovakia
    Beans
    10,783

    Re: Newly Created Users Have Their Own Groups But...

    Howdy,

    It can be a little confusing. A user has one primary group (usually the same as his user name) and several secondary groups. By default a new file will be created with the primary group.

    if you want to set up a shared directory, then make a special group for that and setGID on the directory so that all new files will be created with that group:

    http://terokarvinen.com/2011/shared-...h-chmod-setgid

    The other confounding thing is that when you added a group to a user, the user has to log out and log in again, in order for the desktop environment to refresh itself and take note of the new group.
    Last edited by HermanAB; February 22nd, 2016 at 10:21 AM.

  3. #3
    Join Date
    Dec 2008
    Location
    UK
    Beans
    434
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Newly Created Users Have Their Own Groups But...

    Quote Originally Posted by HermanAB View Post
    Howdy,

    It can be a little confusing. A user has one primary group (usually the same as his user name) and several secondary groups. By default a new file will be created with the primary group.

    if you want to set up a shared directory, then make a special group for that and setGID on the directory so that all new files will be created with that group:

    http://terokarvinen.com/2011/shared-...h-chmod-setgid

    The other confounding thing is that when you added a group to a user, the user has to log out and log in again, in order for the desktop environment to refresh itself and take note of the new group.
    I would definitely echo HermanAB's reply. When I first started, not knowing about the logging in and out before a user is recognised as part of a group caused me all sort of issues.

  4. #4
    Join Date
    Feb 2016
    Beans
    104

    Re: Newly Created Users Have Their Own Groups But...

    Thanks much. I'll get into this once I get past a new hurdle and will post and update!

  5. #5
    Join Date
    Feb 2016
    Beans
    104

    Re: Newly Created Users Have Their Own Groups But...

    I'm finally getting back to this. And thanks again for the support!

    So, create a group for each "top-level" shared directory. Then use the set GUID feature of chmod (s) on the directory itself. That way, when ANY user in the shared directory's group creates a file it will belong to the same group as the directory regardless of the user's default group.

    That about it? My example:

    Users: Bob, Mary, and Joey each with their own default group of the same name respectively.
    Shared directory: House
    Shared directory's group: Family

    Set the GID of House to Family.
    When any of the three users create a file in the House directory, the file's group will be Family.

    Thanks!

  6. #6
    Join Date
    May 2008
    Location
    SoCal
    Beans
    Hidden!
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Newly Created Users Have Their Own Groups But...

    Quote Originally Posted by kazz2 View Post
    I'm finally getting back to this. And thanks again for the support!

    So, create a group for each "top-level" shared directory. Then use the set GUID feature of chmod (s) on the directory itself. That way, when ANY user in the shared directory's group creates a file it will belong to the same group as the directory regardless of the user's default group.

    That about it? My example:

    Users: Bob, Mary, and Joey each with their own default group of the same name respectively.
    Shared directory: House
    Shared directory's group: Family

    Set the GID of House to Family.
    When any of the three users create a file in the House directory, the file's group will be Family.

    Thanks!
    You have to add the users (Bob, Mary, and Joey) to the user-group Family so they have access and read/write permissions in the shared directory.
    -BAB1

  7. #7
    Join Date
    Feb 2016
    Beans
    104

    Re: Newly Created Users Have Their Own Groups But...

    Absolutely! I see I left that out.

    I'll proceed as above. Thanks!

  8. #8
    Join Date
    Nov 2008
    Location
    Boston MetroWest
    Beans
    16,326

    Re: Newly Created Users Have Their Own Groups But...

    You can use utilities like adduser to add users to groups, but sometimes I just edit the file /etc/group instead. You can add users by entering their usernames at the end of the group's definition like this:
    Code:
    users:x:999:bill,sue,bobby,fred,harriet
    That puts all those users in the "users" group with group ID 999.
    If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  9. #9
    Join Date
    Feb 2016
    Beans
    104

    Re: Newly Created Users Have Their Own Groups But...

    Thanks, I recently found that information myself. In my case I have a handful of users and a handful of top-level folders so I've done it all through the command line. But /etc/group is a great reference.

    Note to anyone who's stumbled onto this and is migrating data like I have been. If you already have data in place before you set up this type of permissions and access, you have to set the group ID of all the sub-folders and it makes sense to do the same to the files, as well. I used sudo chgrp groupname * -R. And, has been noted, when you want to test the access you have to log your user out and back in for it to all be in effect.

    Thanks again, everyone!

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •