User specific permission - help please!


Recommended Posts

Hello,

I need to figure out how to assign permission to specific user for a directory.

Current permissions

r-xr-xr-x /tmp/project/test

So is it possible to assign write permission to specific user w/out changing the ugo permissions for this directory? If so how?

Link to comment
Share on other sites

can you change the group that owns the file?

if so:

sudu chown [current owner]:[group of with other user] /path/to/somedirectory

I might have /var/www/testingdocs that I want only one a two users to access. i could create a group called 'wwwusrs' add the two usernames (plus one for whatever apache is running as) and then change the ownership of the testingdocs folder so that it's owned by www:wwwusers or something.

then chmod the directories group permission as needed.

Link to comment
Share on other sites

Actually that is very possible. Thanks for the hints.

Still, I have one problem in front of me, which is:

r-xr-xr-x /tmp/project/test

this directory's owner group has bunch of members and I don't want to give the whole group write permission.

If I create a special group with write permission and add the user I need to give write permission to this new group then do,

sudu chown [current owner]:[group of with other user] /tmp/project/test

the owner of this dir will become the new group and the existing group will become "o" in "ugo" table.

Now, since all others already have same r-w permission same as "g" in ugo, this will most likely work.

Hypoteticly speaking, if all others had , let's say, r-- permission, changing the owner group of the directory would cause whole bunch of other headaches. Example:

Now:

r-xr-xr-- /tmp/project/test (owner group=old group)

___l____

---This one will become

After modification:

rwxrwxr-- /tmp/project/test (owner group=new group)

_______l___

------This one

Is this correct or am I getting completely lost here?

Link to comment
Share on other sites

Thanks to all for suggestions.

I have found a solution to my problem with acl ACCESS CONTROL LIST.

With acl there is no need to change the group or user permissions and permissions to specific user(s) and/or group(s) could be assigned.

For more info, try man setacl, man acl, man setfacl

I my case I was able to assign acl permission to one user who was not a member of the groups file owner.

Command to enter will differ by your distribuation. The one I used was:

setfacl -s user:username:rwx /tmp/project/test

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.