Re: Group rights

To: debian-user@lists.debian.org
Subject: Re: Group rights
From: Mark Roach <mrroach@okmaybe.com>
Date: 16 Sep 2003 13:39:42 -0400
Message-id: <[🔎] 1063733981.17178.6.camel@flmrroach>
In-reply-to: <[🔎] C49522BBA18FD6118D7900A0C92BB5917B4A99@CCIA_PDC>
References: <[🔎] C49522BBA18FD6118D7900A0C92BB5917B4A99@CCIA_PDC>

On Mon, 2003-09-15 at 22:12, Joyce, Matthew wrote:
> Dear Debain Users,
> 
> I'm a little confused regarding the use of group to assign file rights.
> 
> I was under the impression that user can be members of groups and groups can
> be used to assign permissions to files and folders.
> 
> How then, do I assign multiple groups, different permission to the same
> folders and do those permissions cascade downwards ?
> If they do, how do you stop them ?

Unix does not traditionally support this sort of thing and (somewhat
surprisingly to me) I have found that it is really not all that
necessary most of the time. However, if you do find it necessary, there
a number of good options, all of which involve ACLs.

If you use ext2/ext3, you can use the ACL patch for ext2/3 file systems,
or you can use XFS which supports ACLs out-of-the-box.

Posix ACLs are a bit different than either Windows' or Netware's
permissions/trustee systems. They allow you to do two things, Set (unix)
permissions for multiple users/groups, and set default permissions for
multiple users/groups. Check out the manpages for getfacl and setfacl
for more info.

For situations where you need them, they work quite well, most of the
time though, the group sticky bit on directories, and a special
task-oriented group does the job Good Enough

-Mark

Reply to:

References:
- Group rights
  - From: "Joyce, Matthew" <MJoyce@ccia.org.au>

Prev by Date: Re: No sourcing of ~/.profile at login
Next by Date: Re: Internet connections on windows machines
Previous by thread: Re: Group rights
Next by thread: Building Spamassassin 'testing' package on woody
Index(es):
- Date
- Thread