2

I'm using Linux Mint 18.Let's say there're several shared directories.Each directory belongs to a specific group.One of this is foo and must be shared by Pippo and Pluto so I've created the group foo and I've added Pippo and Pluto to it.All contents created inside foo and its subdirectories must be accessible to both Pippo and Pluto regardless the creator is Pippo or Pluto. The problem is that when creating a new file or directory the id group of the content is set to Pluto or Pippo(depending by whom the content has been created)and not to foo even if I've changed the group of the foo folder and its subdirectories and files to foo.

What's the way to give to new contents the group foo?

EDIT

Outside the foo folder every file created by Pippo or Pluto must have the group set respectively to Pippo and Pluto.

Antonio Del Sannio
  • 157
  • comprehensive coverage of both permissions and special permissions (SUID, SGID, sticky bit) at https://www.redhat.com/sysadmin/suid-sgid-sticky-bit also note X conditionally set execute missing there and described at https://unix.stackexchange.com/questions/416877/what-is-a-capital-x-in-posix-chmod as well as https://www.linuxjournal.com/article/1190 – jimmont Aug 10 '21 at 16:19

2 Answers2

2

The default behaviour (as you have found out) is to give a file the same UID and GID as the owner. If you want to override that, you need to set the setgid bit on the directory that stores the file. This will not affect already-existing files and directories, so you'll need to fix the permissions on each directory underneath as well (as @cas mentioned, you probably want to allow the members of the foo group to modify each others' work (and view the directories), so you'll want to add those permissions too.)

To fix this (assuming you've already created the directory structure), run the following from the root of the structure:

find . -type d -exec chmod g=rwsX {} \;
chgrp -R foo *

I used find to select just the directories, as setting the setuid/setgid bits on files has a different meaning. Of course, if you're creating a new directory, you just have to run the chmod/chgrp commands without using find.

EDIT: Fixed the chmod permissions.

ErikF
  • 4,042
  • that chmod should be g+s, not u+s. and you should make sure the directories are read, write, and executable by group members too. so chmod g=rwsX – cas Jan 25 '18 at 11:17
  • could you explain the meaning of both {} and ?Thanks – Antonio Del Sannio Jan 25 '18 at 11:25
  • OK {} tells find to use the found name with chmod and \ remove the path from the file name?Is it right? – Antonio Del Sannio Jan 25 '18 at 11:31
  • The man page for find(1) (under -exec) has the details. {} is a placeholder for the matched file, and ; ends the command line. As the shell treats ; specially, you need to escape it (so it becomes \;). – ErikF Jan 25 '18 at 11:35
  • i'm sorry I didn't see there is not space between \ and ; now it's clear – Antonio Del Sannio Jan 25 '18 at 11:43
  • You can also use a + instead of \; with most modern versions of find (including GNU find). \; would execute one chmod per found directory. + would execute one chmod command per many thousands of directory names (as many as will fit on a command line...anywhere from 128K or so up to a megabyte or two on modern systems). – cas Jan 25 '18 at 12:44
0

You could run a cron job to recursively change the contents owners to the foo group.

Jaken551
  • 565