Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 14 Dec 2001 07:59:02 -0800
From:      "Drew Tomlinson" <drew@mykitchentable.net>
To:        "Ulrich Gruenebaum" <grueneba@zkom.de>, "Mike Meyer" <mwm-dated-1008707898.7dd171@mired.org>
Cc:        <questions@freebsd.org>
Subject:   Re: group permissions
Message-ID:  <00cc01c184b8$3fbfd530$0301a8c0@bigdaddy>
References:  <15385.4538.743578.879745@guru.mired.org>

next in thread | previous in thread | raw e-mail | index | archive | help

----- Original Message -----
From: "Mike Meyer" <mwm-dated-1008707898.7dd171@mired.org>
To: "Ulrich Gruenebaum" <grueneba@zkom.de>
Cc: <questions@freebsd.org>
Sent: Thursday, December 13, 2001 12:38 PM
Subject: Re: group permissions


> Ulrich Gruenebaum <grueneba@zkom.de> types:
> > Hi,
> >
> > does anybody know how to solve the following
> > administration problem on a FreeBSD file server:
> >
> > - There a some large files on the server,
> >   belonging to someone.
> >
> > - The owner and some other users must be able
> >   to read and write them.
> >
> > - Another group of users shall have read-only access.
> >
> > - All remaining users shall have
> >   neither read nor write access.
> >
> > My approach was, to specify group-permissions like below,
> > and putting all r/w users into the specific group 'rwgroup',
> > but this does not allow me to distinguish between the users
> > with r/w and the users with read-only permission.
> >
> >  > ls -lF  file
> >  -rw-rw----  1  user   rwgroup   1024 Dec 13 14:55 file
> >
> > (the owner and all users who are members in group 'rwgroup'
> > have r/w access, others have no access at all. But how can
> > I give read-only access to an additional group of users??)
>
> You might check out sudo; it's in the ports and may be able to
handle
> this.
>
> As a general rule, when you talk about someone needing read or
> read/write access to a file, you're actually talking about them
> running a specific application to read or read/write the file. The
> Unix way of dealing with this is the setgid and/or setuid bits.
>
> Extending your example, you have user, rgroup, and rwgroup, and two
> applications, reader and writer. You make the file like so:
>
>   -rw-r-----  1  user    rgroup   1024 Dec 13 14:55 file

I was reading your post as they are always informative and helpful.  I
don't understand why the group would be 'rgroup' instead of 'rwgroup'.
What am I missing?

Thanks,

Drew

> And the two applications like so:
>
>   ---x--x---  1  user    rgroup   1024 Dec 13 14:55 reader
>   ---s--x---  1  user   rwgroup   1024 Dec 13 14:55 writer
>
> People in rgroup will be able to run reader, and be able to read the
> file. People in group rwgroup will be able to run writer, which will
> then act as "user" instead of them, and hence have read/write access
> to the file. If people in rwgroup also have to run reader, you can
put
> them in rgroup as well.
>
> <mike
> --
> Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/
> Independent WWW/Perforce/FreeBSD/Unix consultant, email for more
information.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00cc01c184b8$3fbfd530$0301a8c0>