Yes. I use ACL's on Windows 2000/2003 and it works great. Files copied
from the users PC to server directories inherit the server directory
permissions and there can be multiple permissions (usually set on a group
basis) to control access. I am running Redhat 8 with 2.4.18-14smp kernel so
I should be fine to run ACL's. I'll do some homework and test out the
ACL's. If I go down that road, will new files that are copied up to the
server via scp inherit the permissions of the directory? Or will they still
retain the permissions (and attributes) of the user that did the copying?
Thanks,
Steve
-----Original Message-----
From: slug@nks.net [mailto:slug@nks.net] On Behalf Of
backwardthinker@juno.com
Sent: Wednesday, June 16, 2004 7:24 PM
To: slug@nks.net
Subject: RE: [SLUG] shares on samba
> Does anybody know how to get this done in scp?
<snip>
> Ideally I would like to set permissions on the
> directory and have any files copied into it assume
> the permissions of the directory instead of retaining
> the permissions of the user.
Probably the easiest thing, which is not exactly what you
asked for, is to make both users a member of the same default group (and
make sure umask doesn't disable group write on file creation).
You could also try suid and sgid bits on the directory, like the sticky bit,
but 2 (group) or 4 (user) instead of 1 (other). On some systems it will
cause files written to the directory to be owned by the uid and gid of the
directory.
But the "real" way to do what you asked is with file acl's, specifically a
Default ACL on the directory. Your kernel/filesystem will need to support
ACL's (most distros within the last few years do), and you will need to
specify acl as a mount option for the filesystem. From there, man setfacl
and getfacl, but long story short you'll want something like: setfacl -m
default:group:(groupname):rwx (directoryname) but with some other stuff in
there too.
ACL's can add some complexity to administration, but that's mostly because
it's not as simplistic as classic ugo-style permissions. Simplicity of ugo
is great, until you need more :(.
~ Daniel
________________________________________________________________
The best thing to hit the Internet in years - Juno SpeedBand! Surf the Web
up to FIVE TIMES FASTER! Only $14.95/ month - visit www.juno.com to sign up
today!
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages posted
are those of the author and do not necessarily reflect the official policy
or position of NKS or any of its employees.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:47:48 EDT