How can I setup a group writeable directory?

16

13

$ whoami
meder
$ cd /var/www
$ sudo mkdir html
$ sudo groupadd web
$ sudo usermod -a -G web meder
$ sudo usermod -a -G web medertest
$ sudo chown meder:web html
$ sudo chmod -R g+rwx html

The problem is, anytime I create a new file in /var/www/html even though the group is set to web, it is only writeable by the original user.

I was given the advice of setting the umask to be 002 because the default is what causes the problems. But I would have to do this for all users in that group, and as far as I know it would be tedious having all of them modify ~/.bashrc to have umask 002. Even if I can do it myself with a shell command for all of those users, it still seems too tedious.

Can anyone offer any advice on having a group writeable directory?

meder omuraliev

Posted 2011-01-06T17:49:32.540

Reputation: 1 609

@marco thanks did not know that group info is not updated in the current session... bummer – gabeio – 2015-04-23T00:43:54.027

2Have you tried logging out and then logging again with the user meder? Group information is not updated in the current session. – marco – 2011-01-06T18:52:06.833

@marco - I did su medertest and su meder like a thousand times. Does that qualify as a log out? – meder omuraliev – 2011-01-06T19:12:22.220

Answers

30

First, enable the SGID bit on your directory:

sudo chmod g+s html

This will make new files created inside that directory inherit the parent's group ownership.

There is no inheritance of permission levels in the POSIX permission model. However, this can be done with Access Control Lists, without having to worry about umask settings:

sudo setfacl -d -m group:web:rwx html

It's a real bummer that umask cannot be assigned on a per-directory basis.

mizo

Posted 2011-01-06T17:49:32.540

Reputation: 826

1I have been hunting around for this answer forever, and I just got referred to it via a Twitter response. Thanks @mizo! – Glyph – 2014-07-27T19:27:38.403

what's g+s in numbers? – Jürgen Paul – 2013-07-23T06:39:29.483

1@WearetheWorld prepend with 2: chmod 2XXX file. – mizo – 2013-07-23T11:46:27.477

0

You need to set the setgid bit on the directory.

chmod g+s html

Paused until further notice.

Posted 2011-01-06T17:49:32.540

Reputation: 86 075

This only preserves directory ownership, not directory permissions. – Glyph – 2014-07-27T19:26:34.423

Can I combine this chmod with the g+rwx one? – meder omuraliev – 2011-01-06T19:47:43.043

1@meder: yes g+rwxs – Paused until further notice. – 2011-01-06T19:54:45.967

Asked: 2011-01-06T17:49:32.540

Viewed: 26 263 times

Active: 2012-07-08T21:53:55.260