Recursive Permissions

Place to discuss Fedora and/or Red Hat
Post Reply
byrdman
administrator
administrator
Posts: 225
Joined: Thu May 08, 2003 1:59 pm
Location: In the cloud

Recursive Permissions

Post by byrdman » Mon Aug 17, 2009 2:53 pm

I was wondering what needs to be done so I can keep the permissions, user and group all the same on users' folders?
For example;
User1' s home dir is /home/clients/user1
User2's home dir is /home/client/user2
etc...

useradmin's home dir is /home/clients/ and he is allowed to upload to the www directory in the users folders. The www dir is the location of the "public_html"

I want the www directory, and all files in that director to stay as 775 and the owners stay as Userx.webgroup.

I don't want to see useradmin's name as the owner.group when he uploads a file into user2's www directory.

Does this make sense?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5712
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Mon Aug 17, 2009 3:27 pm

That makes sense however I don't think there is a way to do *exactly* what you are asking from the OS level just by setting permissions/groups/masks/special attributes. The permissions part wouldn't be a big deal but the ownership might be a problem.

When you say "upload", what do you mean exactly? Is it FTP? If so which flavor is the FTP server? There may be some tricks in the FTP configuration to make the file ownership end up like you want. I suppose you could also have a job that would run a script (as root) to ensure permissions of all files under a particular directory match the names of the sub-directories under it (if we can't get the ownership the way you want via FTP configuration).

Having said all that normally ownership isn't an issue if you have your groups/permissions set up properly. It's not usually possible for one user to create a file owned by another user as that would be a security problem. Only the root user can change the ownership of a file to a user other than himself.

byrdman
administrator
administrator
Posts: 225
Joined: Thu May 08, 2003 1:59 pm
Location: In the cloud

Post by byrdman » Tue Aug 18, 2009 9:08 am

Sorry for not clarifying. By upload, I mean the designers connect via smb from their MACs. They modify the shows (part of the kiosk project) and upload the new shows to the users homedirs, which is part of the websites.
One way around that was I created a cron to chmod and chown every 5 minutes but that seemed so jenkey!

I guess I could sticky the group? and owner wouldn't matter then would it?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5712
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main » Tue Aug 18, 2009 9:32 am

Correct, you should be able to do what you want solely with groups, modes, and umasks. It does seem rather odd that you are using a Microsoft technology to transfer data from a Mac to a Linux box though. :) I guess whatever works. Also, there are a LOT of options with Samba regarding permissions and ownership. I believe you can also have a script kicked off after a file is transferred which could be used to set the permissions as you want. I know this is the case with printing as I have a PDF print queue that triggers a script to run after a print job is collected, I thought the same could be done with a file copy but am not sure about that. I can check into it though.

Post Reply