There are two accounts, user1 and user2. I wish to share and give rwx access to my user1 /home/user1/Documents/ folder with user2. To do this, I have made a new group called sharedDocs. These are the commands I executed in order:

    groupadd sharedDocs
    usermod -aG share user1
    usermod -aG share user2
    chgrp -R sharedDocs /home/user1/Documents
    sudo chmod -R g+rwX /home/user1/Documents

From here, I switch to user2 to access the documents. su to reload.

    su user2
    user2: touch 1.txt

This command works, if prior to su I was in the /home/user1/Documents folder. However, the following commands don't work, and I cannot return to the directory once I left it.

    user2: touch /home/user1/Documents/1.txt
    touch: cannot touch '/home/user1/Documents/1.txt': Permission denied
    user2: cd /home/user1/Documents/
    bash: cd: /home/user1/Documents: Permission denied

I have followed these two guides:

How to allow folder permission for another user in Linux?

Allowed group can't access a folder

1 Answer

You need to have execute permission to enter the /home/user1/ folder and any subfolders in it, or to access any files in it.

By default, Linux sets the user's home folder to 750, or rwxr-x---, meaning users who are not the owner of the folder or in the group that owns the folder are not allowed to enter that folder.

It is not enough to have permissions on the subfolder or files inside user1's home directory; you also need permission to enter/pass through that directory to get to objects inside it.

Execute permission on a file gives you permission to run the file if it is a script or an application; execute permission on a directory gives you permission to enter that directory or pass through it to get to files and folders inside it.

You can either put user2 in a group that owns /home/user1, or use the setfacl command to set an additional permission that gives execute permission to just user2 on /home/user1, so that he can enter the folder to get to /home/user1/Documents.

Something like this would give execute permission to user2 on /home/user1:

    setfacl -m user2:x /home/user1/

You can then use the getfacl command to see the ACL rules on the folder:

    getfacl /home/user1

For directories read permission means that the user may see the contents of a directory. Write permission means that a user may create files or folders in the directory. Execute permission means that the user may enter the directory.

ralz
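
The path-component check described in the answer above, as an added example that is not part of the original answer: it walks every directory from / down and reports the first one the user cannot pass through. The UIDs, GIDs and modes in SAMPLE are constructed to mirror the question's setup, and the check covers classic mode bits only (no ACLs, no root bypass).

```python
import os
import stat
from pathlib import Path

def may_traverse(mode, owner_uid, owner_gid, uid, gids):
    """Classic Unix check: exactly one class (owner, group, other) applies."""
    if uid == owner_uid:
        return bool(mode & stat.S_IXUSR)
    if owner_gid in gids:
        return bool(mode & stat.S_IXGRP)
    return bool(mode & stat.S_IXOTH)

def first_blocked(components, uid, gids):
    """Return the first directory the user cannot pass through, or None.

    components: (path, mode, owner_uid, owner_gid) tuples ordered from / down.
    """
    for path, mode, owner_uid, owner_gid in components:
        if not may_traverse(mode, owner_uid, owner_gid, uid, gids):
            return path
    return None

def stat_components(target):
    """Build the component list for a real directory from os.stat()."""
    p = Path(target).resolve()
    out = []
    for d in [*reversed(p.parents), p]:
        st = os.stat(d)
        out.append((str(d), stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid))
    return out

# Constructed sample mirroring the question (all numeric IDs are assumptions):
# user1 = uid/gid 1001, user2 = uid/gid 1002, sharedDocs = gid 2000.
SAMPLE = [
    ("/", 0o755, 0, 0),
    ("/home", 0o755, 0, 0),
    ("/home/user1", 0o750, 1001, 1001),            # home dir: rwxr-x---
    ("/home/user1/Documents", 0o770, 1001, 2000),  # after chgrp + chmod g+rwX
]
USER2_UID = 1002
USER2_GIDS = {1002, 2000}

if __name__ == "__main__":
    # Blocked at the home directory, not at Documents itself.
    print(first_blocked(SAMPLE, USER2_UID, USER2_GIDS))
    # With user2 also in the group that owns /home/user1, the walk succeeds.
    print(first_blocked(SAMPLE, USER2_UID, USER2_GIDS | {1001}))
```

To inspect a real path, pass `stat_components("/home/user1/Documents")` together with the numeric uid and group ids reported by `id user2`.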