• Home
  • Help
  • Search
  • Login
  • Register
Pages: 1 [2]
Author Topic: ACLs in kernel 2.6.22.18 ?  (Read 4516 times)
guepe
Newbie
*

Karma: 0
Posts: 10


View Profile
« Reply #15 on: September 23, 2009, 08:12:34 AM »

Thanks all !
The problem is : after setting gid bit, like this
drwxrwsr-x 4 root      nasuser    4096 2009-09-20 21:33 public

Notice the 's' bit ;-) and my users belonging to nasusuer group

etienne@debian:/home$ groups
etienne nasuser

etienne@debian:/home/public$ pwd
/home/public

If i create a file

etienne@debian:/home/public$ echo 1 > test

Then try to modify it with another user belonging to nasusuer group

daniel@debian:/home/public$ groups
daniel nasuser
daniel@debian:/home/public$ echo 2 >> test
bash: test: Permission denied

daniel@debian:/home/public$ ls -l test
-rw-r--r-- 1 etienne nasuser 2 2009-09-23 17:11 test

It _does not_ work ! Why ? I must have forgotten something ?!
Logged

DamonHD
Full Member
***

Karma: 4
Posts: 169


View Profile WWW
« Reply #16 on: September 23, 2009, 08:57:10 AM »

You will also need to ensure that users' umasks are sufficiently permissive to allow group writes, so that creating a file in that directory gets mode 664 or 660 or 775 (XX7 is not a good idea).

Rgds

Damon
« Last Edit: September 25, 2009, 12:03:11 AM by DamonHD » Logged

guepe
Newbie
*

Karma: 0
Posts: 10


View Profile
« Reply #17 on: September 24, 2009, 11:39:32 AM »

I did a chmod -R 775 public as root

But, when creating a file in this directory, the file has rights 755, so read only for group, so another user can't write to it.

What is still missing ?
Thank you _very_ much for you help
Logged

birdman
Sr. Member
****

Karma: 4
Posts: 443


View Profile WWW
« Reply #18 on: September 24, 2009, 04:26:51 PM »

What is still missing ?
The umask of the creating process has to be x0x.  Nothing you can set on the directory permissions controls what is set on an newly-created entry permission.
Logged

guepe
Newbie
*

Karma: 0
Posts: 10


View Profile
« Reply #19 on: September 24, 2009, 05:20:49 PM »

I am not so sure to perfectly understand (english is not my native language). Do you mean that we can't control the permissions assigned by newly created files ?
So there are no solutions ?? THere must be one nice solution, forcing that all created files in a directory being 775 permissions !?
Logged

tinker
Newbie
*

Karma: 2
Posts: 43


View Profile
« Reply #20 on: September 24, 2009, 10:49:15 PM »

Read either

man umask

or

http://www.kernel.org/doc/man-pages/online/pages/man2/umask.2.html

and then read

http://www.linuxsecurity.com/content/view/117255/
« Last Edit: September 24, 2009, 10:53:35 PM by tinker » Logged

guepe
Newbie
*

Karma: 0
Posts: 10


View Profile
« Reply #21 on: September 28, 2009, 05:02:35 PM »

You were right : applying an umask of 007 make all files and directoyies newly created being with rights rwxrwx---

Thanks all !
Logged

Pages: 1 [2]
Print
Jump to: