Date:      Tue, 15 Sep 2009 22:53:15 +0200
From:      Giulio Ferro <auryn@zirakzigil.org>
To:        freebsd-hackers@freebsd.org
Subject:   ZFS group ownership
Message-ID:  <4AAFFEBB.4030907@zirakzigil.org>

I don't know if this is the correct list to discuss this matter, if not
I apologize in advance.

I've always understood group ownership as a way to allow members of
the same group to operate on files / folders which belong to that group,
while leaving out others.
Let's suppose we have a directory /root/test (UFS file system).
I do this:
cd /root
chmod -R 770 test
chown -R www:www test
(I use group www as an example, since it's already present on a base system)

My user "gferro" also belongs to group www and has umask 007
su - gferro
touch qweq
mkdir asda

If I now look at the file and directory I've just created:
---------------------------------------------------------------
%ls -la
total 6
drwxrwx---  3 www     www    512 Sep 12 13:39 .
drwxr-xr-x  4 root    wheel  512 Sep 12 13:02 ..
drwxrwx---  2 gferro  www    512 Sep 12 13:39 asda
-rw-rw----  1 gferro  www      0 Sep 12 13:38 qweq
---------------------------------------------------------------

I see that both belong to group www, even though gferro's base
group is "gferro":
---------------------------------------------------------------
id gferro
uid=1001(gferro) gid=1001(gferro) groups=1001(gferro),80(www)
---------------------------------------------------------------

This means that all those users who belong to group "www" will be
able to work with the files and directories I've created.


Now I try to do the same on a ZFS partition on the same machine.
This is what I see with ls:
---------------------------------------------------------------
ls -la
total 4
drwxrwx---  3 www     www     4 Sep 12 13:43 .
drwxr-xr-x  4 root    wheel   4 Sep 12 13:43 ..
drwxrwx---  2 gferro  gferro  2 Sep 12 13:43 asda
-rw-rw----  1 gferro  gferro  0 Sep 12 13:43 qweq
---------------------------------------------------------------

As you can see, both file and directory now belong to "gferro" and
not "www". This means that other users won't even be able to read
my files / dir, let alone modify them.

What I ask now is: is this a bug or a feature?
How can I achieve my goal in ZFS, that is allowing members of the same
group to operate with the files / dirs they create?

Thanks in advance.
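
Added example, not part of the original message: a Python probe that creates a scratch file and subdirectory in a given directory and reports whether each received the directory's group (as in the UFS listing above) or the creating process's primary group (as in the ZFS listing). The names `classify` and `probe` are hypothetical.

```python
import os
import sys
import tempfile


def classify(dir_gid, egid, new_gid):
    """Name the rule that explains new_gid, given the parent directory's
    gid and the creating process's effective gid."""
    if dir_gid == egid:
        # Both rules yield the same gid, so the probe proves nothing.
        # Run it as a user whose primary group differs from the directory's.
        return "ambiguous"
    if new_gid == dir_gid:
        return "inherits-directory-group"
    if new_gid == egid:
        return "creator-primary-group"
    return "other"


def probe(directory):
    """Create a scratch file and subdirectory in `directory`, classify the
    group each one received, then remove both."""
    dir_gid = os.stat(directory).st_gid
    egid = os.getegid()
    fd, fpath = tempfile.mkstemp(dir=directory)
    os.close(fd)
    dpath = tempfile.mkdtemp(dir=directory)
    try:
        return {
            "file": classify(dir_gid, egid, os.stat(fpath).st_gid),
            "dir": classify(dir_gid, egid, os.stat(dpath).st_gid),
        }
    finally:
        os.unlink(fpath)
        os.rmdir(dpath)


if __name__ == "__main__":
    # Probe each directory named on the command line (default: current one).
    for d in sys.argv[1:] or ["."]:
        print(d, probe(d))
```

Run it as the unprivileged user (here gferro) against the shared directory on each file system and compare the two results.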




