Solved

osx remote computer permissions

Posted on 2010-09-22
5
520 Views
Last Modified: 2013-11-12
we have a macpro machine which we use for data storage. The admin user is 'alain' but there are several other users (like 'stevenbeel') that can administrate (in group 'admins') the computer by smb (add/delete/modify folders and files in Finder).
When we create a new folder as one user (e.g. 'stevenbeel') then we do not have permissions to write or edit files in it as another admin user except for that user 'alain'.
(in attachment a screenshot of a directory (directory 'zero2') in which some admin users cannot write. You'll see at the end of the permissions there is a '+'. When that '+' is there, all admin users have all permssions to the directory.
How can other admin users create folders that immediately have all permissions set for all admin users?
Schermafbeelding-2010-09-22-om-1.jpg
0
Comment
Question by:ads711
  • 2
  • 2
5 Comments
 
LVL 8

Expert Comment

by:et01267
ID: 33733984
The '+' means there are extended permission attributes (access control list, or ACL) that control how files are modified.  I presume these ACL bits were inherited from the parent directory.

You can change the permissions on the parent directory so that admin users can write directories and files, and make these permissions inherited to subdirectories.

You can check the extended attributes using "ls -le", and you can change them using chmod.  Check the man page for chmod.  The command you want is something like

chmod +ai "admin allow read,write,delete,add_subdirectory,directory_inherit" .

but your requirements may differ, so read the man page.
0
 

Author Comment

by:ads711
ID: 33735534
now the permissions seem ok, but cannot copy files to subdirectories (no permissions) as another admin user.
Schermafbeelding-2010-09-22-om-1.jpg
0
 
LVL 8

Accepted Solution

by:
et01267 earned 500 total points
ID: 33735681
You need to apply those ACL changes to all existing directories; the inheritance only works for directories created after the parent directory ACL has been changed.

You could try something like

chmod -R +ai

which will recursively apply the changes, but you may have problems when normal files are encountered.

You might need to do something like

find ./ -type d -exec "chmod -ai <perms you want> {}" \;

which finds each directory under ./ and applies the chmod.  Obviously, replace the <perms you want> with the permissions you want.

0
 
LVL 5

Expert Comment

by:iPinky
ID: 33742765
0
 

Author Closing Comment

by:ads711
ID: 34290959
solved partially myself
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Deploystudio is a system which can be used to deploy OSX clients and servers within the small/medium or large business environments. The system is built ontop of the OSX Server NetBoot system and uses images & workflows as its core assets. Although …
Apple's Mac OS X has become an official member of the malware club. The Flashback Trojan has affected over half million Macs, worldwide. It is behavior that ultimately gets malware onto a person’s computer. Obsolete or out-of-date software helps…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question