Re: Changing groups
"Dan Jones" <ddjones@riddlemaster.org> wrote:
> On Thu, 2003-08-14 at 16:21, Alan Shutko wrote:
> > Dan Jones <ddjones@riddlemaster.org> writes:
> >
> > > For example, say I supervise several teams working on a project. Each
> > > person should have access to only the project directories of their
> > > teams. However, some people are on more than one team. And as
> > > supervisor, I'm a member of them all.
> >
> > For the most part, there's no reason to change groups. When you log
> > in, your session is considered a member of all the groups it is
> > defined to be in (up to some number I can't remember). The common
> > usage method is "I just added you to the group, Bob. Log out and log
> > back in."
>
> Uh, no. That's the way I thought it worked. That's the way BSD works.
> That's not the way Linux works. I found this out the hard way when I
> created groups and could not access files owned by them, even though I
> was clearly in the group. From "Linux Unleashed" by Tim Parker:
>
> <Quote>
> You are a member of one group at all times. When you log in you are
> placed in your default group, which is set when root creates your user
> account. You can belong to many different groups, but you can be logged
> in to only one group at a time. To change the group you are a member of,
> use the newgrp command. For example, if you are a member of a group
> called users and also a group called programmers, and you need to change
> to the programmers group because they have special access to a compiler,
> issue this command:
>
> newgrp programmers
>
> Linux does not tell you which group youʼre in. Usually the only way to
> find out which group is active is to save a file and then look at the
> permissions.
> </Quote>
>
> > Why is newgrp there? Two reasons. One, to change to a group you
> > aren't defined as a member of, but have the password (who ever
> > thought THAT was a good idea!). Two, to get a shell in that group
> > without logging everything out.
>
> Try it yourself. Create a new group and add yourself to it. Then
> create a file, change it's owner to whoever and its group to the new
> group. Set permissions to 770 and try to read the file.
>
> Then use newgrp to change your group and try to read it.
>
Wierd, works for me:
# -> root prompt
$ -> user prompt
$ groups
jacob audio
$ mkdir test_audio
$ chgrp audio test_audio
$ chmod g+ws test_audio
$ chmod o-rwx test_audio
$ su
# chown root test_audio
# exit
$ cd test_audio
$ echo "Hi bob" > whoami
$ cat whoami
Hi bob
$ ls -l whoami
-rw-rw-r-- 1 jacob audio 7 Aug 14 16:46 whoami
$ chmod o-r whoami
$ su
# chown root whoami
# exit
$ echo "Hi frank" >> whoami
$ cat whoami
Hi bob
Hi frank
$ ls -l whoami
-rw-rw---- 1 root audio 16 Aug 14 16:47 whoami
Reply to: