Greetings all- I have a system running CentOS 5.5 x86_64. It's serving NFS for several 'frontend' boxes in a web application setup. All data is stored in specific dir but written by different users. When the webapp attempts to read this information, it may or may not have permissions to this data. What I'd like to do is set 'default permissions' on the data storage directory (lets call this /var/appdata) so that any file or directory created under this is assigned a default set of permissions, and if possible, ownership. I've looked at and tested umask but it only seems to allow/disallow specific permissions, not force permissions. Am I missing something? How can I force all files/dirs created under a specific directory to have the permissions (and ownership if possible) that I specify? Thanks! Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105
On Thu, Aug 26, 2010 at 10:35 AM, Tim Nelson <tnelson at rockbochs.com> wrote:> Greetings all- > > I have a system running CentOS 5.5 x86_64. It's serving NFS for several 'frontend' boxes in a web application setup. All data is stored in specific dir but written by different users. When the webapp attempts to read this information, it may or may not have permissions to this data. What I'd like to do is set 'default permissions' on the data storage directory (lets call this /var/appdata) so that any file or directory created under this is assigned a default set of permissions, and if possible, ownership. > > I've looked at and tested umask but it only seems to allow/disallow specific permissions, not force permissions. Am I missing something? How can I force all files/dirs created under a specific directory to have the permissions (and ownership if possible) that I specify? > > Thanks!The SUID on the directory is what you need. http://kurt.www.pinboard.com/techwritings/d83/
On Thursday 26 August 2010 10:35:08 Tim Nelson wrote:> I've looked at and tested umask but it only seems to allow/disallow > specific permissions, not force permissions. Am I missing something? How > can I force all files/dirs created under a specific directory to have the > permissions (and ownership if possible) that I specify?Hi, You need to jump into ACLs. You'll do something like: http://tinyurl.com/257k9qy If you don't want to deal with ACLs and your requirements aren't too specific you could set the SGID, bit (Set Group ID) so that every file created under the directory will be owned by the group owner of that directory: chown myGroup /var/appdata chmod g+s /var/adppdata HTH, Jorge