Solved

Group Ownership Chgrp

Posted on 2014-03-02
7
290 Views
Last Modified: 2014-03-11
in Linux if a group has Read only permission or Read /Write on a folder, even if you give it ownership it would keep just the same permission, I thought it would have full rights (R/W/E)
Wanted just to make sure my understanding is right.

thanks
0
Comment
Question by:jskfan
7 Comments
 
LVL 78

Assisted Solution

by:arnold
arnold earned 200 total points
ID: 39899620
not sure what you are asking here.

Post and example
ls -l  /path/to/directory
as well as getfacl  /path/to/directory

ownership is given to user or group (chown and chgrp)
Changing ownership may have no effect if the group has no permissions.

i.e.
directory is
ls -l directory
drwx------ user groupname
you run chgrp newgroup directory
the result will be members of the newgroup will still have no access to the data within directory

ls -l directory
drwx------ user newgroup

group ownership changes can only be done by admin/root.
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 100 total points
ID: 39899665
see any default permission is depends on the umask value defined under your system, which can be checked with #umask command ...

Default is 0022 that means for folder default permissions is (0777 - 0022 = 0755) and for files it will be (0666 - 0022 = 0644) in case you want to change umask change it by using the same command #umask <####>

Hope i am clear with it.

TY/SA
0
 
LVL 5

Assisted Solution

by:Dave Gould
Dave Gould earned 100 total points
ID: 39899760
A file has an owner, and a group associated with it. The chgrp changes the group that is associated to it but does not make the group "owner" of the file. It simply means that the rights given to the group part, apply to the group mentionned.

ie file dave has the following rights :    r w x r _ x r _ _
It is owned by dave and has group mygroup associated to it.
The first 3 chars (r w x ) are for dave
The next 3 chars (r _ x) are for the members of the group mygroup. You can see from the example that mygroup has read and execute but not write. You see, it os not a group ownreship but group association that we are giving.

The last 3 chars (r_ _ ) are for anybody that is neither dave nor a member of the group mygroup
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:jskfan
ID: 39900822
In my previous questions, I made windows/linux analogy…I guess I was right then…
in Linux Chgrp , is like adding a group to ACL in windows, Chmod in Linux, is like ticking on/off permissions in windows (they are called ACE, Access list Entries)

However , I am not sure if you give a linux group ownership , then you give it only Read/execute, would that group be able to assign  permissions to other users ?
0
 
LVL 78

Accepted Solution

by:
arnold earned 200 total points
ID: 39901034
no.

In windows the addition of a group also adds rights for group members which is not how it works in linux. i.e. security tab add group, it then asks what rights the group has.

In linux, the group that is assigned to a newly created file/directory is determined by the primary group to which the user creating the item belongs.
i.e. usera has users as the default/primary group (/etc/passwd)
userb has admin as the default/primary group
id usera (gid) groups= reflects all other groups to which this user belongs -g maingroup -G list of additional groups when creatign a user (useradd)
id userb

usera creates a file which is now reflected as owner usera and group users.
userb creates a file which is now reflected as owner userb and group admin.

Sandy and trappa covvered the default access settings which are controlled by the negative/exclusionary umask.  I.e. an option in umask is taken out of the real permission.
Every directory starts with 777 every file starts with 666.
chgrp will enforce restriction such that usera while being able to control access permissions on a file or directory they created using chmod, will not be allowed to chgrp to a group of which the user is not a member.

The issue deals with security.
a user can using chmod set a file to be suid/sgid meaning when executed/ran the file will have either the owner's privileges and/or the group.

.........
of track.

Thinks this should cover your question.
0
 
LVL 16

Assisted Solution

by:Joseph Gan
Joseph Gan earned 100 total points
ID: 39901556
One point don't know anyone has memtioned above, if you want to give a group to create files under a folder, read/write permission is not enough, you need excute permission as well. This is different to a file.
0
 

Author Closing Comment

by:jskfan
ID: 39920200
Thank you
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
error log using ftp 7 83
expand ext4 on centos 6 5 56
Migrating a Linux server to VMware 3 112
simple bash script needed to unpack tar.gz 4 29
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question