Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Group Ownership Chgrp

Posted on 2014-03-02
7
287 Views
Last Modified: 2014-03-11
in Linux if a group has Read only permission or Read /Write on a folder, even if you give it ownership it would keep just the same permission, I thought it would have full rights (R/W/E)
Wanted just to make sure my understanding is right.

thanks
0
Comment
Question by:jskfan
7 Comments
 
LVL 77

Assisted Solution

by:arnold
arnold earned 200 total points
ID: 39899620
not sure what you are asking here.

Post and example
ls -l  /path/to/directory
as well as getfacl  /path/to/directory

ownership is given to user or group (chown and chgrp)
Changing ownership may have no effect if the group has no permissions.

i.e.
directory is
ls -l directory
drwx------ user groupname
you run chgrp newgroup directory
the result will be members of the newgroup will still have no access to the data within directory

ls -l directory
drwx------ user newgroup

group ownership changes can only be done by admin/root.
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 100 total points
ID: 39899665
see any default permission is depends on the umask value defined under your system, which can be checked with #umask command ...

Default is 0022 that means for folder default permissions is (0777 - 0022 = 0755) and for files it will be (0666 - 0022 = 0644) in case you want to change umask change it by using the same command #umask <####>

Hope i am clear with it.

TY/SA
0
 
LVL 5

Assisted Solution

by:Dave Gould
Dave Gould earned 100 total points
ID: 39899760
A file has an owner, and a group associated with it. The chgrp changes the group that is associated to it but does not make the group "owner" of the file. It simply means that the rights given to the group part, apply to the group mentionned.

ie file dave has the following rights :    r w x r _ x r _ _
It is owned by dave and has group mygroup associated to it.
The first 3 chars (r w x ) are for dave
The next 3 chars (r _ x) are for the members of the group mygroup. You can see from the example that mygroup has read and execute but not write. You see, it os not a group ownreship but group association that we are giving.

The last 3 chars (r_ _ ) are for anybody that is neither dave nor a member of the group mygroup
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:jskfan
ID: 39900822
In my previous questions, I made windows/linux analogy…I guess I was right then…
in Linux Chgrp , is like adding a group to ACL in windows, Chmod in Linux, is like ticking on/off permissions in windows (they are called ACE, Access list Entries)

However , I am not sure if you give a linux group ownership , then you give it only Read/execute, would that group be able to assign  permissions to other users ?
0
 
LVL 77

Accepted Solution

by:
arnold earned 200 total points
ID: 39901034
no.

In windows the addition of a group also adds rights for group members which is not how it works in linux. i.e. security tab add group, it then asks what rights the group has.

In linux, the group that is assigned to a newly created file/directory is determined by the primary group to which the user creating the item belongs.
i.e. usera has users as the default/primary group (/etc/passwd)
userb has admin as the default/primary group
id usera (gid) groups= reflects all other groups to which this user belongs -g maingroup -G list of additional groups when creatign a user (useradd)
id userb

usera creates a file which is now reflected as owner usera and group users.
userb creates a file which is now reflected as owner userb and group admin.

Sandy and trappa covvered the default access settings which are controlled by the negative/exclusionary umask.  I.e. an option in umask is taken out of the real permission.
Every directory starts with 777 every file starts with 666.
chgrp will enforce restriction such that usera while being able to control access permissions on a file or directory they created using chmod, will not be allowed to chgrp to a group of which the user is not a member.

The issue deals with security.
a user can using chmod set a file to be suid/sgid meaning when executed/ran the file will have either the owner's privileges and/or the group.

.........
of track.

Thinks this should cover your question.
0
 
LVL 16

Assisted Solution

by:Joseph Gan
Joseph Gan earned 100 total points
ID: 39901556
One point don't know anyone has memtioned above, if you want to give a group to create files under a folder, read/write permission is not enough, you need excute permission as well. This is different to a file.
0
 

Author Closing Comment

by:jskfan
ID: 39920200
Thank you
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Coding C# in Linux 8 120
cannot rename datastore 3 69
How to use question mark (?) in filename with html 25 71
linux - yum package installation issue 2 53
Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question