Avatar of Mccalma1
Mccalma1 asked on

Need help with setting group permissions on a folder in linux

Hi,

I need to setup a folder with the following requirements.

Folder name:             test_group
Member of Group:    test_group

Only members of group "test_group" can write to folder "test_group".
Currently it's not working as planned. For example: userX and userY are members of tes_group. If userX creates a file in the test_group directory, then userY should be able to edit and save that file. In my current setup, userY can not edit the file as a permissions error pops up.

My permissions on folder test_group are setup as follows:
drwxr-xr-x  2 5001 test_group  4096 Sep 11 09:41 test_group

 This should be easy, but I'm struggling for some reason....
Linux SecurityIT AdministrationLinux

Avatar of undefined
Last Comment
simon3270

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Seth Simmons

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
Mccalma1

I made the change and now it works properly on the Linux server, but does not work on the Solaris 10 client.

Here are the new settings on the server:
drwxrwxr-x   2    5001 test_group       4096 Sep 12 11:38 test_group

The test_group folder is exported via NFS.

Here is what is in /etc/exports on the linux server:
/media/raid/test_group      192.168.0.0/255.255.0.0(sync,insecure,no_subtree_check,insecure_locks,rw)

I suspected that the Solaris computer was not recognizing the group, so I typed the following:
"ypcat group.byname | grep test_group" and the following was displayed, "test_group::510:userX,userY", so it should recognize the group.
 
 I'm not sure what to look at next?
ASKER
Mccalma1

I just noticed your last line regarding umask. How do I do that?

Like this???
umask 002 test_group
Seth Simmons

just umask 022
you can put it for either all users in /etc/profile or (if the user is using bash) put in their ~/.bashrc file
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Seth Simmons

i've done little with solaris but a quick look doesn't seem to be that different; the profile file is different though (scroll about half way down)

http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/395-398.html
ASKER
Mccalma1

The umask was already set for 002. It's still not working properly on the Solaris client.
SOLUTION
simon3270

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
Mccalma1

I think you may have nailed the problem Simon!

The GID name and number shows up as expected on the server. The users are a member of their own group which is their username and a member of the test_group.

On the Solaris computer, only their own group shows up. How do I get the Solaris computer to recognize secondary groups?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
simon3270

If the computers are sharing a disk, rather than a user database, you'll have to add the group manually on the Solaris box (with the same numeric GID as on the other one), then manually add the users to that group.
    sudo groupadd -g 123 test_group
    sudo usermod -G +test_group user_name
then log out and in again as that user "user_name".  the "id -a" command should then show membership of the correct group, with the right numeric ID.
ASKER
Mccalma1

Thanks for your help Simon, I really appreciate it!
simon3270

No problem, and thanks for the points!
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck