RE: Using chmod to share directories

To: debian-user@lists.debian.org
Subject: RE: Using chmod to share directories
From: Francisco Castellon <castf@shaw.ca>
Date: Sun, 20 Apr 2003 11:48:23 -0600
Message-id: <[🔎] 006a01c30765$0a8474d0$0501a8c0@OLYMPUS.LOCAL>
In-reply-to: <[🔎] 20030420091654.GB17688@doorstop.net>

> > > Hello list:
> > >
> > > 
> > >
> > > I have been reading the documentation on chmod on the manual pages
and
> > > from a few other sources, howver I still have a couple of
questions.
> > >
> > > 
> > >
> > > Alright, first this is what I want to do, I have a directory that
> > > belongs to ROOT and I want to make it readable, writable and
> > > executable to another user however I don't want to loose the
> > > permissions that root already has in that directory.
> > >
> > > 
> > >
> > > To illustrate, assume that I have a directory called DATA that is
> > > owned by root, and I have a user called "admin" to whom I want to
give
> > > full access to DATA, however I DO NOT want to "admin" give admin
any
> > > other root like permissions outside of that folder, so that is why
I
> > > don't want to add the "admin" user to the same group that root
belongs
> > > to (is it called "staff" or "root"?). So I really don't want to
open
> > > the DATA directory public to ALL users just to the "admin" user.
So
> > > essentially what I want to do is for the owner of the directory to
> > > give read, write and execute permissions to another user (or group
for
> > > that matter) for that directory. 
> >
> > Add your user "admin" to the group "adm" (man usermod)and set the
> > permissions on /DATA as follows:
> >
> > root@mhcln02:/ >chgrp adm DATA		#set group to adm for
/DATA
> > root@mhcln02:/ >chmod g+rwx DATA	#give rwx permissions to adm
> > root@mhcln02:/ >ll|grep DATA
> > drwxrwxr-x    2 root     adm            48 Apr 20 08:51 DATA
> 
> > Now all users in group "adm" can read and write in /DATA. Beware
that
> > "admin" can delete all files owned by root in /DATA but not modify
them.
>
> Also beware that "admin" can now read all of your system logs, since
> that's what the adm group gets you on a debian system.  If you only
want
> to grant access to this one particular directory, use a group just for
> this.  If you have the typical one-group-per-user setup, you can chgrp
> admin the directory.  If not, create a special group, add admin to
that
> group, and chgrp the directory to that group as well.
>
Does this mean that I cant assign permissions to multiple groups for one
directory? Meaning I could have GROUPA and GROUPB with rwx permissions
to the DATA directory?

Also can I add a group to an existent group?

Thanx!

Reply to:

Follow-Ups:
- RE: Using chmod to share directories
  - From: Matthias Hentges <eebe@gmx.net>

References:
- Re: Using chmod to share directories
  - From: Vineet Kumar <debian-user@virtual.doorstop.net>

Prev by Date: Re: Understanding LDAP structures
Next by Date: Re: ssh: "connection refused by tcp wrapper"
Previous by thread: Re: Using chmod to share directories
Next by thread: RE: Using chmod to share directories
Index(es):
- Date
- Thread