[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [TEKNIK] group permissions



Tror jeg laeste dig forkert,

Laeste det somon det skulle arve rettighederne, og ikke kun gid, som var
hvad du mente ikke?

Saa giver det jo mening alligevel, beklager den lille blob her ;)

2008/2/25 Lennart Hansen <sslug@sslug>:

> Hmm, Troels, er du sikker paa det virker med at saette SGID, virkede ikke
> da jeg testede det.
>
> Vaer velkommen til at rette i min test.
>
>
> 1. Saetter rettighederne og laver bibloteket
> sslug@sslug:~$ chmod 2770 group-w-toplevel/
> sslug@sslug:~$ mkdir group-w-toplevel/write-here
> sslug@sslug:~$ logout
>
> 2. Laver ny fil i subdir
> sslug@sslug:~# su - test2
> sslug@sslug:~$ touch /home/test1/group-w-toplevel/write-here/test
> touch: cannot touch `/home/test1/group-w-toplevel/write-here/test':
> Permission denied
> - Kan jeg ikke.
>
> 3. Kan selvfoelgelig godt i top level med sgid og group write
> sslug@sslug:~$ touch /home/test1/group-w-toplevel/test
>
> - Permissions er rigtige
> sslug@sslug:~$ stat /home/test1/group-w-toplevel
> #  File: `/home/test1/group-w-toplevel'
>   Size: 4096            Blocks: 8          IO Block: 32768  directory
> Device: 13h/19d Inode: 1248293     Links: 3
> Access: (2770/drwxrws---)  Uid: ( 1001/   test1)   Gid: (  100/   users)
> Access: 2008-02-25 22:22:17.000000000 +0000
> Modify: 2008-02-25 22:23:17.000000000 +0000
> Change: 2008-02-25 22:23:17.000000000 +0000
> sslug@sslug:~$ stat /home/test1/group-w-toplevel/test
>   File: `/home/test1/group-w-toplevel/test'
>   Size: 0               Blocks: 0          IO Block: 32768  regular empty
> file
> Device: 13h/19d Inode: 1248321     Links: 1
> Access: (0644/-rw-r--r--)  Uid: ( 1002/   test2)   Gid: (  100/   users)
> Access: 2008-02-25 22:23:17.000000000 +0000
> Modify: 2008-02-25 22:23:17.000000000 +0000
> Change: 2008-02-25 22:23:17.000000000 +0000
>
> 4. Subdir har ikke arvet permissions.
> sslug@sslug:~$ stat /home/test1/group-w-toplevel/write-here/
>   File: `/home/test1/group-w-toplevel/write-here/'
>   Size: 4096            Blocks: 8          IO Block: 32768  directory
> Device: 13h/19d Inode: 1248309     Links: 2
> Access: (2755/drwxr-sr-x)  Uid: ( 1001/   test1)   Gid: (  100/   users)
> Access: 2008-02-25 22:22:49.000000000 +0000
> Modify: 2008-02-25 22:22:49.000000000 +0000
> Change: 2008-02-25 22:22:49.000000000 +0000
>
> 5. Brugere i samme gruppe.
> sslug@sslug:~$ id test1
> uid=1001(test1) gid=1001(test1) groups=1001(test1),100(users)
> sslug@sslug:~$ id test2
> uid=1002(test2) gid=1002(test2) groups=1002(test2),100(users)
> sslug@sslug:~$
>
>
>
> 2008/2/25 Troels Arvin <sslug@sslug>:
>
> Den Mon, 25 Feb 2008 21:26:39 +0100 skrev Kristian Nørgaard:
> > > Jeg er irriteret over at når der gennem min web-server skabes et dir:
> > > f.eks.
> > >
> > > drwxr-xr-x  6 www-data www-data 4096 2008-02-24 13:36 dirThruWeb
> > >
> > > så vil jeg gerne at gruppen www-data også har skrive rettigheder:
> > >
> > > drwxrwxr-x  6 www-data www-data 4096 2008-02-24 13:36 dirThruWeb
> > >
> > > hvordan kan jeg sikre at det sker hver gang www-data opretter et nyt
> > > dir?
> >
> > Du kan:
> >
> >  - Sørge for, at moder-kataloget til de
> >   kataloger, du skaber har s og w sat for
> >   gruppen:
> >   drwxrwsr-x motherdir
> >   (mode: 02775 i modsætning til fx 0775)
> >
> >   Dette gør, at nye filer/kataloger skabt i
> >   motherdir får samme gruppejer som motherdir,
> >   hvilket antagelig er hensigtsmæssigt i din
> >   situation.
> >
> >  - Sørge for, at den katalog-skabende
> >   proces har umask 002 i stedet for 022. Hvordan det sker,
> >   afhænger af, hvorledes programmet startes (fx Apache init-script),
> >   og/eller kan muligvis specificeres i en konfigurationsfil
> >   og/eller i din (fx PHP-) kode, du måtte anvende.
> >
> > --
> > Regards,
> > Troels Arvin <sslug@sslug>
> > http://troels.arvin.dk/
> >
> >
> >
>
>
> --
> Med Venlig Hilsen / Kind Regards
>
> Lennart Hansen




-- 
Med Venlig Hilsen / Kind Regards

Lennart Hansen


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2008-03-01, 02:01 CET [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *