3

I have these permissions on a folder.

drwxr-sr-x  2 root    sharedmaster  4096 2010-09-22 10:36 rantest99

I have user tony which is in the group sharedmaster. When I try to mkdir from tony it says permission denied. Why is that?

I have set the gid bit on directory so that new directory has group read write permissions. Where am I wrong.

Zoredache
  • 128,755
  • 40
  • 271
  • 413

3 Answers3

4

I believe you need to chmod g+w rantest99.

Edit:

chmod g+w dirname makes a directory writable by members of the group. This is what chmod g+s dirname does:

From info coreutils 'Directory Setuid and Setgid'

27.4 Directories and the Set-User-ID and Set-Group-ID Bits ==========================================================

On most systems, if a directory's set-group-ID bit is set, newly created subfiles inherit the same group as the directory, and newly created subdirectories inherit the set-group-ID bit of the parent directory. On a few systems, a directory's set-user-ID bit has a similar effect on the ownership of new subfiles and the set-user-ID bits of new subdirectories. These mechanisms let users share files more easily, by lessening the need to use 'chmod' or 'chown' to share new files.

Community
  • 1
Dennis Williamson
  • 60,515
  • 14
  • 113
  • 148
  • chmod g+w give write access to group sharedmaster. mkdir need only read access – bindbn Sep 22 '10 at 02:10
  • I have set chmod g+s on the directory parent to rantest99 and i tested making directory rantest99. But the i was not able to write anything inside the newly cretaed directory . although it has s bit set. what is the diff between g+s and g+w –  Sep 22 '10 at 02:23
  • @Master, you are also going to need to set/adjust the user's umask. – Zoredache Sep 22 '10 at 02:29
  • @binbn: `mkdir somedir; id -Gn someuser | grep somegroup; sudo chown root:somegroup somedir; sudo -u someuser mkdir somedir/subdir` "mkdir: cannot create directory `somedir/subdir': Permission denied" `sudo chmod g+w somedir; sudo -u someuser mkdir somedir/subdir` *success* – Dennis Williamson Sep 22 '10 at 02:40
  • @Master: See my edit. – Dennis Williamson Sep 22 '10 at 02:47
3

In addition granting write access on the parent directory you almost certainly need to adjust the umask of the user which is probably set to filter away group/other write access.

You probably want to set a umask of 0002.

Community
  • 1
Zoredache
  • 128,755
  • 40
  • 271
  • 413
0

paste error please.

test@u1004s02:/tmp$ ls -ald 1
drwxr-sr-x 2 root test 4096 Sep 22 05:49 1
test@u1004s02:/tmp$ id
uid=1001(test) gid=1001(test) groups=1001(test)
test@u1004s02:/tmp$ cd 1  
test@u1004s02:/tmp/1$

About setgid: http://en.wikipedia.org/wiki/Setuid#setuid_and_setgid_on_directories

bindbn
  • 5,153
  • 2
  • 26
  • 23