8

Possible Duplicate:
Make all new files in a directory accessible to a group

I have a directory in which collaborative files / directories are stored. Say directory abc is owned by root and the group is project-abc. I'd like for this directory to have the following:

  1. Only members of group project-abc are allowed to change the contents of this directory.
  2. Files added to abc must have read and write permissions set for members or group abc
  3. Directories added must have read, write and execute permissions for group abc

This is straightforward for static directories, but the contents of this directory are expected to change quite often. What's my best approach to producing the desired result?

Community
  • 1
ephsmith
  • 1,006

1 Answers1

8

The best thing you can do is to add the setgid bit (chmod g+s) to your directories. See Directory Setuid and Setgid in the coreutils manual. New directories will then preserve group ownership.

As for permissions, the best you can do is make sure umask 002 is in use every time someone works inside this directory.

(Yes, basic unix-style permissions are too basic sometimes… I don't know if ACLs can make collaborative work inside a directory easier. If they are activated in your system, you might have a look.)

Stéphane Gimenez
  • 28,907
  • Stéphane, thanks for your response. I have added the setgid bit for the top-level directory and that handles group ownership. Responsible users are handling the necessary permission modifications to directories and files that they create. Unfortunately, some don't. I'll look into your other recommendations. ACLs aren't activated ATM, but they are an option. – ephsmith Jul 16 '12 at 16:07