0
1
I have two users, user1 and user2 which are both in a group matching their user name. I'd like both users to have full r/w/x permissions on all of each other's files as default without having to CHMOD them manually.
How can I set this up?
James Haigh
Posted 2011-02-14T12:11:36.027
Reputation: 1
1
You should have a users group in /etc/group. You can change them to this group and change umask to default file permissions to 664. These steps should do it.
chgrp -R users on both their home directories.chmod -R g+w on the directories they want to share. I would exclude Maildir if they have one. usermod -g users for each of their userids.umask command in their .profile and change the value to 002 from 022. For a project or privacy for these users you could add a new group or use one of their private groups in the commands above. If you chose user1, then you only need to change the group of user2. You still need to change access and umask for both.
EDIT: You can default new users to the users group by editing /etc/default/useradd. However, this would give all new users to the files owned by the two users you are modifying.
BillThor
Posted 2011-02-14T12:11:36.027
Reputation: 9 384
1
If the filesystem used supports ACLs I recommend their use in such selective user access control.
setfacl -m u:${USER}:rw
write and executable permissions should be given mutually exclusive (except for directories). Giving them both may cause serious security problems.
datenwolf
Posted 2011-02-14T12:11:36.027
Reputation: 276
0
Create a new group to hold both users. As root:
groupadd foo
Then add both users to the group:
usermod -aG foo tommy
usermod -aG foo sally
Make sure their files have group read/write/execute permissions (at least 0770) and you should be set.
Patches
Posted 2011-02-14T12:11:36.027
Reputation: 14 078
Thanks for your answer. Is there any way that I could have both users access each other's files even if, for example, permissions were set to 0644? This is the main problem I'm facing - where user1 would have a file set to 0644 and user2 cannot modify it. – James Haigh – 2011-02-14T13:53:12.147
1@James You cannot easily get around the 0644 permissions, but if both users set their umasks to 002, files should be created group readable without manual intervention. They would do this by putting
umask 002in their .bashrc – KeithB – 2011-02-14T14:13:37.4302You're going to want to use the
-aoption for theusermodcommand, i.e.usermod -a -G foo tommy. Without it, the supplementary groups for the user will be set to only foo, most likely not the desired behavior. – cledoux – 2011-02-14T15:24:24.160@chaz8705 Thanks! I'll fix my answer for future readers. – Patches – 2011-02-14T22:54:43.060