[H-GEN] Shared Directory?

Greg Black gjb at gbch.net
Thu Nov 10 01:42:12 EST 2005 

Since nobody has stepped up to the plate, here's a little
explanation of using Unix groups and umask settings to control
and facilitate group access to certain files.

We start with a few assumptions.  To make this scheme work, you
must set things according to the assumptions, which are pretty
standard, either as defaults or options, in any modern Unix[1]
system.

You have directories where sharing is desired set to force new
files to adopt the same group as the directory.  (This is the
default in BSD systems, and an option in most others.)

You have each user belong to a group with the same name as their
login and nobody else belongs to that group.  (This is also the
default with the adduser command on many modern systems, and is
easy enough to enforce on other systems.)

You set the umask for the users involved in the sharing scheme
to 07 (or 02 if you're happy to give world read access to the
controlled files).

Once the above is setup, we're ready to go.  For this example,
we have two users -- alice and bob.  Each is in their own group
(groups alice and bob, respectively).  Then we create the shared
group and add alice and bob to that group, which we'll call
family for now.  (All this is standard stuff, so I won't spell
it out.)

Alice wants to create a shared directory in her home directory
for documents about their forthcoming wedding.  So she carries
out something like the following:

    cd ~
    mkdir wedding
    chgrp family wedding

If she's on a non-BSD system, she'll also probably have to do
something like:

    chmod g+s wedding

Now, provided her home directory has permissions something like
rwxr-xr-x (755) or even rwx--x--- (710), she can tell Bob that
the stuff about the wedding is in ~alice/wedding and both of
them will be able to create files there that both can read and
edit.

And that's all there is to it[2].

Cheers, Greg

----------
[1] I use the term "Unix" to cover Unix, Unix-derived and
    Unix-like systems, including Linux.

[2] Well, that's it unless I made a miss steak (possible, since
    I'm still very tired and was distracted several times while
    writing this and haven't actually created the users and
    groups and tested it all, but I'm sure somebody will point
    out any errors promptly).

More information about the General mailing list