File server permission











up vote
0
down vote

favorite












I am trying to give 2 users rwx access to a new shared directory i have created that will hold some shared documents. The directory is /srv/shared The 2 users are Mason and Bill that will be accessing the files. I would like both users to be able to rwx any newly created files/directories by each other.



I have added Bill to the group Mason with sudo usermod -a -G mason bill
I then changed the /srv/shared ownership to Mason and group Mason with sudo chown mason:mason /srv/shared



I then tried creating a directory in /srv/shared logged in as bill with mkdir /srv/shared/test but got access denied. I tried giving the directory chmod 755 permissions but that still gave Bill access denied when creating files. When i gave chmod permissions 777 Bill could then create directories and files without an issue.



Just trying to work out what I have done wrong for this to only work with 777 permissions which is not really what i want to allow?






permissions







share|improve this question
























  • How are you sharing? Multi user Linux system? CIFS/Samba server? NFS? SSHFS mounts?
    – ivanivan
    Aug 27 '17 at 13:35















up vote
0
down vote

favorite












I am trying to give 2 users rwx access to a new shared directory i have created that will hold some shared documents. The directory is /srv/shared The 2 users are Mason and Bill that will be accessing the files. I would like both users to be able to rwx any newly created files/directories by each other.



I have added Bill to the group Mason with sudo usermod -a -G mason bill
I then changed the /srv/shared ownership to Mason and group Mason with sudo chown mason:mason /srv/shared



I then tried creating a directory in /srv/shared logged in as bill with mkdir /srv/shared/test but got access denied. I tried giving the directory chmod 755 permissions but that still gave Bill access denied when creating files. When i gave chmod permissions 777 Bill could then create directories and files without an issue.



Just trying to work out what I have done wrong for this to only work with 777 permissions which is not really what i want to allow?






permissions







share|improve this question
























  • How are you sharing? Multi user Linux system? CIFS/Samba server? NFS? SSHFS mounts?
    – ivanivan
    Aug 27 '17 at 13:35













up vote
0
down vote

favorite









up vote
0
down vote

favorite











I am trying to give 2 users rwx access to a new shared directory i have created that will hold some shared documents. The directory is /srv/shared The 2 users are Mason and Bill that will be accessing the files. I would like both users to be able to rwx any newly created files/directories by each other.



I have added Bill to the group Mason with sudo usermod -a -G mason bill
I then changed the /srv/shared ownership to Mason and group Mason with sudo chown mason:mason /srv/shared



I then tried creating a directory in /srv/shared logged in as bill with mkdir /srv/shared/test but got access denied. I tried giving the directory chmod 755 permissions but that still gave Bill access denied when creating files. When i gave chmod permissions 777 Bill could then create directories and files without an issue.



Just trying to work out what I have done wrong for this to only work with 777 permissions which is not really what i want to allow?






permissions







share|improve this question















I am trying to give 2 users rwx access to a new shared directory i have created that will hold some shared documents. The directory is /srv/shared The 2 users are Mason and Bill that will be accessing the files. I would like both users to be able to rwx any newly created files/directories by each other.



I have added Bill to the group Mason with sudo usermod -a -G mason bill
I then changed the /srv/shared ownership to Mason and group Mason with sudo chown mason:mason /srv/shared



I then tried creating a directory in /srv/shared logged in as bill with mkdir /srv/shared/test but got access denied. I tried giving the directory chmod 755 permissions but that still gave Bill access denied when creating files. When i gave chmod permissions 777 Bill could then create directories and files without an issue.



Just trying to work out what I have done wrong for this to only work with 777 permissions which is not really what i want to allow?






permissions




permissions






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 25 at 23:44









Rui F Ribeiro

38.3k1477127




38.3k1477127










asked Aug 27 '17 at 10:24









Mason

162




162












  • How are you sharing? Multi user Linux system? CIFS/Samba server? NFS? SSHFS mounts?
    – ivanivan
    Aug 27 '17 at 13:35


















  • How are you sharing? Multi user Linux system? CIFS/Samba server? NFS? SSHFS mounts?
    – ivanivan
    Aug 27 '17 at 13:35
















How are you sharing? Multi user Linux system? CIFS/Samba server? NFS? SSHFS mounts?
– ivanivan
Aug 27 '17 at 13:35




How are you sharing? Multi user Linux system? CIFS/Samba server? NFS? SSHFS mounts?
– ivanivan
Aug 27 '17 at 13:35










2 Answers
2






active

oldest

votes

















up vote
1
down vote













Add the users mason and bill to a new group, lets call them mbshare. Then change the permissions and group on the share point to match the new group. Finally add the users to the group.



// create a new group

sudo groupadd mbshare

// change the permissions on the sharepoint

sudo chgrp -R mbshare /path/to/share

sudo chmod -R 2775 /path/to/share

// make the users part of the share group

sudo usermod -aG mbshare mason

sudo usermod -aG mbshare bill


Now mason and bill can create and edit files in /path/to/share.



The 2 in the 2775 permission flag means: (setGID bit) new files will have the same group as the directory and subdirectories inherit the same as parent.



If you only want mason and bill to see the files within the share, use 2770 instead of 2775.



The advantages of creating a custom group are significant.




  • It is easy to add or remove a new user to the group.

  • You can quickly see who has access to the group.

  • You can remove any user without the need to change any permissions.

  • Keeps things very neat and tidy :]


Edit: Corrected a few "from memory" errors.






share|improve this answer























  • Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
    – Mason
    Aug 27 '17 at 10:42










  • The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
    – Tigger
    Aug 27 '17 at 10:48










  • I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
    – Mason
    Aug 27 '17 at 10:55










  • @Mason Fixed a number of errors.
    – Tigger
    Aug 28 '17 at 8:56




















up vote
0
down vote













It should be 775. Since both of them belong to same group. The group should have rwx right. The first 7 for the owner and second 7 for the group.






share|improve this answer





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f388629%2ffile-server-permission%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    1
    down vote













    Add the users mason and bill to a new group, lets call them mbshare. Then change the permissions and group on the share point to match the new group. Finally add the users to the group.



    // create a new group
    
sudo groupadd mbshare
    
// change the permissions on the sharepoint
    
sudo chgrp -R mbshare /path/to/share
    
sudo chmod -R 2775 /path/to/share
    
// make the users part of the share group
    
sudo usermod -aG mbshare mason
    
sudo usermod -aG mbshare bill


    Now mason and bill can create and edit files in /path/to/share.



    The 2 in the 2775 permission flag means: (setGID bit) new files will have the same group as the directory and subdirectories inherit the same as parent.



    If you only want mason and bill to see the files within the share, use 2770 instead of 2775.



    The advantages of creating a custom group are significant.




    • It is easy to add or remove a new user to the group.

    • You can quickly see who has access to the group.

    • You can remove any user without the need to change any permissions.

    • Keeps things very neat and tidy :]


    Edit: Corrected a few "from memory" errors.






    share|improve this answer























    • Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
      – Mason
      Aug 27 '17 at 10:42










    • The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
      – Tigger
      Aug 27 '17 at 10:48










    • I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
      – Mason
      Aug 27 '17 at 10:55










    • @Mason Fixed a number of errors.
      – Tigger
      Aug 28 '17 at 8:56

















    up vote
    1
    down vote













    Add the users mason and bill to a new group, lets call them mbshare. Then change the permissions and group on the share point to match the new group. Finally add the users to the group.



    // create a new group
    
sudo groupadd mbshare
    
// change the permissions on the sharepoint
    
sudo chgrp -R mbshare /path/to/share
    
sudo chmod -R 2775 /path/to/share
    
// make the users part of the share group
    
sudo usermod -aG mbshare mason
    
sudo usermod -aG mbshare bill


    Now mason and bill can create and edit files in /path/to/share.



    The 2 in the 2775 permission flag means: (setGID bit) new files will have the same group as the directory and subdirectories inherit the same as parent.



    If you only want mason and bill to see the files within the share, use 2770 instead of 2775.



    The advantages of creating a custom group are significant.




    • It is easy to add or remove a new user to the group.

    • You can quickly see who has access to the group.

    • You can remove any user without the need to change any permissions.

    • Keeps things very neat and tidy :]


    Edit: Corrected a few "from memory" errors.






    share|improve this answer























    • Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
      – Mason
      Aug 27 '17 at 10:42










    • The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
      – Tigger
      Aug 27 '17 at 10:48










    • I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
      – Mason
      Aug 27 '17 at 10:55










    • @Mason Fixed a number of errors.
      – Tigger
      Aug 28 '17 at 8:56















    up vote
    1
    down vote










    up vote
    1
    down vote









    Add the users mason and bill to a new group, lets call them mbshare. Then change the permissions and group on the share point to match the new group. Finally add the users to the group.



    // create a new group
    
sudo groupadd mbshare
    
// change the permissions on the sharepoint
    
sudo chgrp -R mbshare /path/to/share
    
sudo chmod -R 2775 /path/to/share
    
// make the users part of the share group
    
sudo usermod -aG mbshare mason
    
sudo usermod -aG mbshare bill


    Now mason and bill can create and edit files in /path/to/share.



    The 2 in the 2775 permission flag means: (setGID bit) new files will have the same group as the directory and subdirectories inherit the same as parent.



    If you only want mason and bill to see the files within the share, use 2770 instead of 2775.



    The advantages of creating a custom group are significant.




    • It is easy to add or remove a new user to the group.

    • You can quickly see who has access to the group.

    • You can remove any user without the need to change any permissions.

    • Keeps things very neat and tidy :]


    Edit: Corrected a few "from memory" errors.






    share|improve this answer














    Add the users mason and bill to a new group, lets call them mbshare. Then change the permissions and group on the share point to match the new group. Finally add the users to the group.



    // create a new group
    
sudo groupadd mbshare
    
// change the permissions on the sharepoint
    
sudo chgrp -R mbshare /path/to/share
    
sudo chmod -R 2775 /path/to/share
    
// make the users part of the share group
    
sudo usermod -aG mbshare mason
    
sudo usermod -aG mbshare bill


    Now mason and bill can create and edit files in /path/to/share.



    The 2 in the 2775 permission flag means: (setGID bit) new files will have the same group as the directory and subdirectories inherit the same as parent.



    If you only want mason and bill to see the files within the share, use 2770 instead of 2775.



    The advantages of creating a custom group are significant.




    • It is easy to add or remove a new user to the group.

    • You can quickly see who has access to the group.

    • You can remove any user without the need to change any permissions.

    • Keeps things very neat and tidy :]


    Edit: Corrected a few "from memory" errors.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Aug 28 '17 at 8:56

























    answered Aug 27 '17 at 10:38









    Tigger

    2,001812




    2,001812












    • Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
      – Mason
      Aug 27 '17 at 10:42










    • The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
      – Tigger
      Aug 27 '17 at 10:48










    • I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
      – Mason
      Aug 27 '17 at 10:55










    • @Mason Fixed a number of errors.
      – Tigger
      Aug 28 '17 at 8:56




















    • Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
      – Mason
      Aug 27 '17 at 10:42










    • The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
      – Tigger
      Aug 27 '17 at 10:48










    • I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
      – Mason
      Aug 27 '17 at 10:55










    • @Mason Fixed a number of errors.
      – Tigger
      Aug 28 '17 at 8:56


















    Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
    – Mason
    Aug 27 '17 at 10:42




    Thanks very much for this, will give it a try. Would i need to create a user though named mbshare to be able to chown mbshare:mbshare /path/to/share
    – Mason
    Aug 27 '17 at 10:42












    The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
    – Tigger
    Aug 27 '17 at 10:48




    The mbshare group name was just an example name. You can call the group (almost) anything you like within the rules of a group name. For example: internalshare, groupshare, projectname, sharedjunk. What ever you call the group, substitute that in place of mbshare in the chown.
    – Tigger
    Aug 27 '17 at 10:48












    I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
    – Mason
    Aug 27 '17 at 10:55




    I see what you mean regarding the share name, i thought chown 'mbshare:mbshare' means change ownership of this directory to user mbshare and group mbshare. Obviously user mbshare does not exist only the group mbshare does.
    – Mason
    Aug 27 '17 at 10:55












    @Mason Fixed a number of errors.
    – Tigger
    Aug 28 '17 at 8:56






    @Mason Fixed a number of errors.
    – Tigger
    Aug 28 '17 at 8:56














    up vote
    0
    down vote













    It should be 775. Since both of them belong to same group. The group should have rwx right. The first 7 for the owner and second 7 for the group.






    share|improve this answer

























      up vote
      0
      down vote













      It should be 775. Since both of them belong to same group. The group should have rwx right. The first 7 for the owner and second 7 for the group.






      share|improve this answer























        up vote
        0
        down vote










        up vote
        0
        down vote









        It should be 775. Since both of them belong to same group. The group should have rwx right. The first 7 for the owner and second 7 for the group.






        share|improve this answer












        It should be 775. Since both of them belong to same group. The group should have rwx right. The first 7 for the owner and second 7 for the group.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Aug 27 '17 at 12:20









        Rengas

        1011




        1011






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f388629%2ffile-server-permission%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Morgemoulin

            Image
            Morgemoulin — miejscowość i gmina — Państwo   Francja Region Grand Est Departament Moza Okręg Verdun Kod INSEE 55357 Powierzchnia 6,82 km² Populacja  (1990) • liczba ludności 75 • gęstość 11 os./km² Kod pocztowy 55400 Położenie na mapie Francji Morgemoulin 49°14′N   5°35′E / 49,233333   5,583333 Portal Francja Morgemoulin – miejscowość i gmina we Francji, w regionie Grand Est, w departamencie Moza. Według danych na rok 1990 gminę zamieszkiwało 75 osób, a gęstość zaludnienia wynosiła 11 osób/km² (wśród 2335 gmin Lotaryngii Morgemoulin plasuje się na 970. miejscu pod względem liczby ludności, natomiast pod względem powierzchni na miejscu 848.). Bibliografia | Francuski urząd statystyczny ( fr. ) . p   •   d   •   e Gminy okręgu Verdun Abaucourt-Hautecourt • Aincreville • Ambly-sur-Meuse • Amel-sur-l'Étang • Ancemont • Arrancy-sur-Crusne • Aubréville • Autré...
            Read more

            Scott Moir

            Image
            Scott Moir Tessa Virtue i Scott Moir w 2016 r. Reprezentacja   Kanada Data i miejsce urodzenia 2 września 1987 London Wzrost 180 cm Konkurencja Pary taneczne Partner sportowy Tessa Virtue Trener Marie-France Dubreuil, Patrice Lauzon, Romain Haguenauer Poprzednio: Marina Zujewa, Oleg Epstein, Igor Szpilband, Johnny Johns, Carol Moir, Paul MacIntosh, Suzanne Killing Klub Montreal International School of Skating Poprzednio: Arctic Edge FSC Ilderton Skating Club Lokalizacja treningowa Montreal Poprzednio: Canton Kitchener Rekordy życiowe ISU przed sezonem 2018/2019 Nota łączna 206,07 Igrzyska Olimpijskie 2018 Taniec krótki 83,67 Igrzyska Olimpijskie 2018 Taniec dowolny 122,40 Igrzyska Olimpijskie 2018 Dorobek medalowy Reprezentacja   Kanada Igrzyska olimpijskie Złoto Vancouver 2010 pary taneczne Złoto Pjongczang 2018 pary taneczne Złoto Pjongczang 2018 drużynowo Srebro S...
            Read more

            Souastre

            Image
            Souastre — miejscowość i gmina — Herb Państwo   Francja Region Hauts-de-France Departament Pas-de-Calais Okręg Arras Kod INSEE 62800 Powierzchnia 7,18 km² Populacja  (1990) • liczba ludności 352 • gęstość 49 os./km² Kod pocztowy 62111 Położenie na mapie Francji Souastre 50°09′N   2°34′E / 50,150000   2,566667 Portal Francja Souastre – miejscowość i gmina we Francji, w regionie Hauts-de-France, w departamencie Pas-de-Calais. Według danych na rok 1990 gminę zamieszkiwały 352 osoby, a gęstość zaludnienia wynosiła 49 osób/km² (wśród 1549 gmin regionu Nord-Pas-de-Calais Souastre plasuje się na 887. miejscu pod względem liczby ludności, natomiast pod względem powierzchni na miejscu 507.). Bibliografia | Francuski urząd statystyczny ( fr. ) . p   •   d   •   e Gminy okręgu Arras Ablain-Saint-Nazaire Ablainzevelle Acheville Achicourt Achiet-le-Grand Achiet-le-Pe...
            Read more