2

In our FreeBSD-environment where we have one server that acts as a file-server, we have a problem that our system administrator says can not be fixed.

All our files resides in a directory and we all have access to that directory, its sub-directories and files. The problem is that once a user in our group creates a file or directory, we have to chmod that directory or file to change the rights so that others in our group can access, read, write and delete. These are not files or sub-directories inside our home-directories, but in a directory where we are supposed to work with them on a daily basis.

Finding it difficult to believe that there is no good solution, I would request that someone assist me with a solution.

Radix
  • 667
  • 5
  • 28
Henrik
  • 23
  • 3

2 Answers2

2

I think what you want is a setgid bit on the directories and umask. Then newly created there files and directories will have proper group and proper permissions to let others read abd write them.

find /your-files-are-rooted-here -type d -print0 | xargs -0 chmod ug+rw,g+s

and set umask to 002 (or whatever is appropriate). And, of course, you may want to fix permissions for existing files (the command above only takes care of directories).

Michael Krelin - hacker
  • 138,757
  • 24
  • 193
  • 173
  • This does not seem to do the trick: new files and folder still needs to be chmodded... Or our sys-admin did it wrong. – Henrik Aug 27 '09 at 10:55
  • Having to `chmod` them (as opposed to `chown`) sounds like the lack of effective `umask` setting. – Michael Krelin - hacker Aug 27 '09 at 13:16
  • The weird thing is this: if I'm using expandrive and letting say textmate create a file, it gets rw-r--r-- ... but if I use touch in the terminal to create the file, the file gets rw-rw-r-- Sorry to trouble you so much but since my sys-admin can not fix this, and it drives me crazy, I turn to stackoverflow... and you mr 'hacker' ofcourse! – Henrik Sep 03 '09 at 13:00
  • I have no idea what are expandrive, but my guess is - it is a kind of `ftp`/`sftp`/`smb`/whatever client. That means, that your sysadmin has set umask for the normal logins, but either forgot to do that with remote file access service or it is not possible (I have no idea which is the case). In the latter case it may be *your* responsibility to ensure the proper umask is in effect. But I'd start off asking sysadmin whether he can take care of it on the service level. – Michael Krelin - hacker Sep 03 '09 at 13:08
0

One place to but the umask setting is "/etc/bashrc". Find "umask". Change "umask = 022" to "umask = 002". After doing this, when a new file created, every one in the same group with the file owner can write in this new file.

Note that this only works for files created from the shell, specifically bash.

Henrik Mühe
  • 419
  • 3
  • 24
william-yang
  • 112
  • 1
  • 2