• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 529
  • Last Modified:

osx remote computer permissions

we have a macpro machine which we use for data storage. The admin user is 'alain' but there are several other users (like 'stevenbeel') that can administrate (in group 'admins') the computer by smb (add/delete/modify folders and files in Finder).
When we create a new folder as one user (e.g. 'stevenbeel') then we do not have permissions to write or edit files in it as another admin user except for that user 'alain'.
(in attachment a screenshot of a directory (directory 'zero2') in which some admin users cannot write. You'll see at the end of the permissions there is a '+'. When that '+' is there, all admin users have all permssions to the directory.
How can other admin users create folders that immediately have all permissions set for all admin users?
Schermafbeelding-2010-09-22-om-1.jpg
0
ads711
Asked:
ads711
  • 2
  • 2
1 Solution
 
et01267Commented:
The '+' means there are extended permission attributes (access control list, or ACL) that control how files are modified.  I presume these ACL bits were inherited from the parent directory.

You can change the permissions on the parent directory so that admin users can write directories and files, and make these permissions inherited to subdirectories.

You can check the extended attributes using "ls -le", and you can change them using chmod.  Check the man page for chmod.  The command you want is something like

chmod +ai "admin allow read,write,delete,add_subdirectory,directory_inherit" .

but your requirements may differ, so read the man page.
0
 
ads711Author Commented:
now the permissions seem ok, but cannot copy files to subdirectories (no permissions) as another admin user.
Schermafbeelding-2010-09-22-om-1.jpg
0
 
et01267Commented:
You need to apply those ACL changes to all existing directories; the inheritance only works for directories created after the parent directory ACL has been changed.

You could try something like

chmod -R +ai

which will recursively apply the changes, but you may have problems when normal files are encountered.

You might need to do something like

find ./ -type d -exec "chmod -ai <perms you want> {}" \;

which finds each directory under ./ and applies the chmod.  Obviously, replace the <perms you want> with the permissions you want.

0
 
iPinkyCommented:
0
 
ads711Author Commented:
solved partially myself
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now