Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 274
  • Last Modified:

Setting permissions based on directory independent of owner

Anyone know how to set one set of default file permission on one file/directroy and another set of permissions on another ?

Set A might be:
 - read/write owner, everyone else read

Set B might be:
 - read/write developers, everyone else read

So that if any file/directory is created it will take on the permission of the section rather than the default permissions of the user. This is at the filesystem level and not exposed through Samba or any other mechanism.

Example: A web server is running on a debian box. Developers have local changes in their home directory which they wish to copy to the site served by the web server. When in their own home directory, a developer's files have "Set A" permissions. When a file is copied to the web directory, its permissions should change to those of "Set B".

Ideally this should require no manual altering of permissions, and should be taken care of by the filesystem to reduce the chance of human error by as much as possible. Is there a way to achieve this?

1 Solution
No, there is no way to do this.

The only control the directory has on the files is the group-ownership (sgid on the directory will set newly created files to the same group as the directory).

This is because files can live in more than one directory in Unix, unlike just about any other OS.
nwranghamAuthor Commented:

I was worried that would be the case

Thanks for your help
Not entirely true.
Newer kernel has the feature called inotify, where You can plug Your own actions to be taken upon file change/creation.
Could be that, but I never use it.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now