[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [TEKNIK] group permissions

Hmm, Troels, er du sikker paa det virker med at saette SGID, virkede ikke da
jeg testede det.

Vaer velkommen til at rette i min test.


1. Saetter rettighederne og laver bibloteket
sslug@sslug:~$ chmod 2770 group-w-toplevel/
sslug@sslug:~$ mkdir group-w-toplevel/write-here
sslug@sslug:~$ logout

2. Laver ny fil i subdir
sslug@sslug:~# su - test2
sslug@sslug:~$ touch /home/test1/group-w-toplevel/write-here/test
touch: cannot touch `/home/test1/group-w-toplevel/write-here/test':
Permission denied
- Kan jeg ikke.

3. Kan selvfoelgelig godt i top level med sgid og group write
sslug@sslug:~$ touch /home/test1/group-w-toplevel/test

- Permissions er rigtige
sslug@sslug:~$ stat /home/test1/group-w-toplevel
#  File: `/home/test1/group-w-toplevel'
  Size: 4096            Blocks: 8          IO Block: 32768  directory
Device: 13h/19d Inode: 1248293     Links: 3
Access: (2770/drwxrws---)  Uid: ( 1001/   test1)   Gid: (  100/   users)
Access: 2008-02-25 22:22:17.000000000 +0000
Modify: 2008-02-25 22:23:17.000000000 +0000
Change: 2008-02-25 22:23:17.000000000 +0000
sslug@sslug:~$ stat /home/test1/group-w-toplevel/test
  File: `/home/test1/group-w-toplevel/test'
  Size: 0               Blocks: 0          IO Block: 32768  regular empty
file
Device: 13h/19d Inode: 1248321     Links: 1
Access: (0644/-rw-r--r--)  Uid: ( 1002/   test2)   Gid: (  100/   users)
Access: 2008-02-25 22:23:17.000000000 +0000
Modify: 2008-02-25 22:23:17.000000000 +0000
Change: 2008-02-25 22:23:17.000000000 +0000

4. Subdir har ikke arvet permissions.
sslug@sslug:~$ stat /home/test1/group-w-toplevel/write-here/
  File: `/home/test1/group-w-toplevel/write-here/'
  Size: 4096            Blocks: 8          IO Block: 32768  directory
Device: 13h/19d Inode: 1248309     Links: 2
Access: (2755/drwxr-sr-x)  Uid: ( 1001/   test1)   Gid: (  100/   users)
Access: 2008-02-25 22:22:49.000000000 +0000
Modify: 2008-02-25 22:22:49.000000000 +0000
Change: 2008-02-25 22:22:49.000000000 +0000

5. Brugere i samme gruppe.
sslug@sslug:~$ id test1
uid=1001(test1) gid=1001(test1) groups=1001(test1),100(users)
sslug@sslug:~$ id test2
uid=1002(test2) gid=1002(test2) groups=1002(test2),100(users)
sslug@sslug:~$



2008/2/25 Troels Arvin <sslug@sslug>:

> Den Mon, 25 Feb 2008 21:26:39 +0100 skrev Kristian Nørgaard:
> > Jeg er irriteret over at når der gennem min web-server skabes et dir:
> > f.eks.
> >
> > drwxr-xr-x  6 www-data www-data 4096 2008-02-24 13:36 dirThruWeb
> >
> > så vil jeg gerne at gruppen www-data også har skrive rettigheder:
> >
> > drwxrwxr-x  6 www-data www-data 4096 2008-02-24 13:36 dirThruWeb
> >
> > hvordan kan jeg sikre at det sker hver gang www-data opretter et nyt
> > dir?
>
> Du kan:
>
>  - Sørge for, at moder-kataloget til de
>   kataloger, du skaber har s og w sat for
>   gruppen:
>   drwxrwsr-x motherdir
>   (mode: 02775 i modsætning til fx 0775)
>
>   Dette gør, at nye filer/kataloger skabt i
>   motherdir får samme gruppejer som motherdir,
>   hvilket antagelig er hensigtsmæssigt i din
>   situation.
>
>  - Sørge for, at den katalog-skabende
>   proces har umask 002 i stedet for 022. Hvordan det sker,
>   afhænger af, hvorledes programmet startes (fx Apache init-script),
>   og/eller kan muligvis specificeres i en konfigurationsfil
>   og/eller i din (fx PHP-) kode, du måtte anvende.
>
> --
> Regards,
> Troels Arvin <sslug@sslug>
> http://troels.arvin.dk/
>
>
>


-- 
Med Venlig Hilsen / Kind Regards

Lennart Hansen

 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2008-03-01, 02:01 CET [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *