From owner-freebsd-questions@FreeBSD.ORG Mon May 23 20:21:20 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF46B16A41C for ; Mon, 23 May 2005 20:21:20 +0000 (GMT) (envelope-from chris@dawgiestyle.com) Received: from pd2mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4DEDF43D1F for ; Mon, 23 May 2005 20:21:20 +0000 (GMT) (envelope-from chris@dawgiestyle.com) Received: from pd4mr7so.prod.shaw.ca (pd4mr7so-qfe3.prod.shaw.ca [10.0.141.84]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IGY00G0OLVJ7U60@l-daemon> for freebsd-questions@freebsd.org; Mon, 23 May 2005 14:21:20 -0600 (MDT) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd4mr7so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IGY004XCLVJN7G0@pd4mr7so.prod.shaw.ca> for freebsd-questions@freebsd.org; Mon, 23 May 2005 14:21:19 -0600 (MDT) Received: from server.dawgiestyle.lan (S01060080c8d67c9e.ed.shawcable.net [68.148.128.53]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with SMTP id <0IGY00G2QLVJII@l-daemon> for freebsd-questions@freebsd.org; Mon, 23 May 2005 14:21:19 -0600 (MDT) Received: (qmail 76891 invoked by uid 1022); Mon, 23 May 2005 20:21:19 +0000 Received: from 192.168.1.101 by server.dawgiestyle.lan (envelope-from , uid 82) with qmail-scanner-1.25 (clamdscan: 0.83/718. spamassassin: 3.0.2. Clear:RC:1 (192.168.1.101):. Processed in 0.088752 secs); Mon, 23 May 2005 20:21:19 +0000 Received: from unknown (HELO ubuntu.dawgiestyle.lan) (192.168.1.101) by server.dawgiestyle.lan with SMTP; Mon, 23 May 2005 20:21:19 +0000 Date: Mon, 23 May 2005 14:21:19 -0600 From: Chris Warren In-reply-to: <4292399E.30107@ctzen.com> To: cs Message-id: <1116879679.11570.0.camel@localhost.localdomain> MIME-version: 1.0 X-Mailer: Evolution 2.2.1.1 Content-type: multipart/signed; boundary="=-1XThMz6/mktYitEn4VtZ"; protocol="application/pgp-signature"; micalg=pgp-sha1 X-Qmail-Scanner-Mail-From: chris@dawgiestyle.com via server.dawgiestyle.lan X-Qmail-Scanner: 1.25 (Clear:RC:1(192.168.1.101):. Processed in 0.088752 secs) References: <42900CC6.4090701@ctzen.com> <44wtpq13lu.fsf@be-well.ilk.org> <20050523093759.M47072@mail.goinet.com> <44u0ktzufo.fsf@be-well.ilk.org> <4292399E.30107@ctzen.com> Cc: FreeBSD Subject: Re: Is this possible ? inherit group permissions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 May 2005 20:21:20 -0000 --=-1XThMz6/mktYitEn4VtZ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Just a guess, but would the sticky bit help here? Chris On Mon, 2005-23-05 at 16:14 -0400, cs wrote: > Lowell Gilbert wrote: > > Tony Shadwick writes: > >=20 > >=20 > >>On Mon, 23 May 2005, Lowell Gilbert wrote: > >> > >> > >>>cs writes: > >>> > >>> > >>>>For a directory, e.g. foo/, if I chmod 775 foo/, is it possible for > >>>>newly created files and directories under foo/ to automagically > >>>>inherit the group permissions of foo ? > >>>> > >>>>e.g. > >>>>touch foo/test would be rw-rw-r-- > >>>>mkdir foo/sub would be rwxrwxr-x > >>>> > >>>>I am looking for a non umask solution. > >>>> > >>>>I seem to remember in debian, I was able to make the group permission= s > >>>>of the parent directory special for this magic to occur. > >>>> > >>>>I wonder if there is something similar in FBSD. > >>> > >>>If you set the suid bit, both owner *and* group will be set. > >=20 > >=20 > >>I'll have to remember that one. So if /home is a filesystem unto > >>itself, if you set the suid bit on /home, all further creation beneath > >>it will inherit the permissions you set above? > >=20 > >=20 > > Only *directly* underneath it. Obviously you wouldn't want to do that > > for /home, but I find it quite useful on shared project directories > > and the like. >=20 > If you are talking about inheriting group identity, that is not what I=20 > am asking for. I believe this is automagic under fbsd, e.g. >=20 > mkdir foo > chgrp somegroup foo > touch foo/foofile > mkdir foo/foodir >=20 > foo/foofile and foo/foodir will have gid somegroup (without any suid or=20 > sgid). >=20 > What I am more interested in is inherting group permissions. >=20 > For example, I have a directory /var/www/foosite, which allows several=20 > different users to maintain it. >=20 > One way to do it is to use a common account for all the users to=20 > maintain foosite. >=20 > But it is "too loose" in accountability. >=20 > Going full version control (cvs/subversion) is not really desired for me=20 > because it's not a "mission critical" thing. >=20 > What I would like to do is create a group (say foogroup), assign all=20 > maintainers to the group, chgrp foogroup /var/www/foosite, and chmod g+w=20 > /var/www/foosite. >=20 > Here is the "fun" part. >=20 > User umask is 022 (which I would like to maintain). >=20 > touch foosite/foofile > mkdir foosite/foodir >=20 > would render those new file/dir NOT group writable. >=20 > umask 002 would make them group writable BUT it is a "global" setting=20 > and would affect other parts of the file system as well (e.g. user's home= ). >=20 > Plus not all users are savvy enough to do umask 002 / umask 022 whenever=20 > necessary. >=20 > I am looking for an "elegant" solution which I doubt I will find. >=20 > After some thoughs, this is my "compromized" solution. >=20 > The users will maintain foosite via ftp (within a VPN), and I use vsftpd=20 > and set the ftp umask to 002. >=20 > -cs > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" --=-1XThMz6/mktYitEn4VtZ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQBCkjs+5oLdYlMF6RsRAugKAKCJrwdvImFkkGssACVDZBBw9JQ2HgCeJfva koxfEiznp5bzYS9L9965mP8= =uXtZ -----END PGP SIGNATURE----- --=-1XThMz6/mktYitEn4VtZ--