Newbie question, please help me understand file, folder and group permissions

How do I accomplish this goal:

My username is roadhazard on my EOS box. I belong to the roadhazard group. (roadhazard:roadhazard)

I create a folder… (/mnt/movies). I issue the following commands:

sudo chown -R roadhazard:roadhazard /mnt/movies
sudo chmod -R ug+rwX /mnt/movies

At this point, that folder belongs to me and any future files/folders I create will inherit those same permissions. (Am I correct so far?)

Now, I have 3 other users (user1, user2, user3). So I added all of them to the roadhazard group:

sudo gpasswd -a user1 roadhazard
sudo gpasswd -a user2 roadhazard
sudo gpasswd -a user3 roadhazard

User1 creates /mnt/movies/1. As roadhazard, I can rename /mnt/movies/1 but I can’t delete it. This is where hours of Googling isn’t getting me tangible results. I need EVERYONE to have full access to any file/folder in that directory and any NEW files or folders that come along must inherit the same (wide open permissions). With my caveman like knowledge of Linux I figured… if a user is part of the ‘roadhazard’ group, we’ll all be able to create/delete each other’s files and folders with no problem. BZZZT, WRONG! :slight_smile:

What step am I missing?

If you run groups in a terminal in the other users’ accounts, do you also get ‘storage’ in the groups?

storage – Access to removable drives such as USB hard drives, flash/jump drives, MP3 players; enables the user to mount storage devices.

Is it a removable disk?

In the back of my head I remembered something about “sticky bit” and duckduckgo’d it.

What is Sticky Bit?

Sticky Bit is mainly used on folders in order to avoid deletion of a folder and its content by other users even though they have write permissions on the folder contents. If the sticky bit is enabled on a folder, the folder contents can be deleted only by the owner who created them and the root user. No one else can delete other users’ data in this folder (where the sticky bit is set). This is a security measure to avoid deletion of critical folders and their content (sub-folders and files), even though other users have full permissions.

Maybe that can help…
https://www.linuxnix.com/sticky-bit-set-linux/


It’s not a removable disk, just a directory on my drive. The ‘roadhazard’ group has rwx access. I would assume that if everyone is added to the roadhazard group, they’ll have rwx permission to the same folder in question but that doesn’t appear to be the case.

This morning I was doing some more Googling and I’m starting to think the answer might be with that sticky bit stuff. Maybe… because in your post, it talks about preventing deletion of content in a shared folder accessed by other people.

I want the opposite of that. I want a folder where all user accounts will have full access to it. Free to create/delete/rename/ files and sub-folders created by other people.

To boil it down again, I need to figure out the command(s) that say “hey, this particular directory here… if user X is in this group, they are free to do whatever they want in it.”

I know that a file/folder can only be owned by a single user and a single group but extending the same full access to other users was done (I thought) by adding them to a shared group but that’s not the case apparently.

Is this also the same?

https://wiki.archlinux.org/index.php/Access_Control_Lists

sub : https://wiki.archlinux.org/index.php/Access_Control_Lists#Set_ACL

To set permissions for a group ( group is either the group name or ID):

setfacl -m "g:group:permissions" <file/dir>

What is ls -l saying?
Do you get the ‘t’ on the last part of the permissions like -rwxr-xrwt?
What happens when you try chmod -t your_folder? :slight_smile:

@roadhazard

  • How have you mounted that partition? If in /etc/fstab, how?
  • What file system does the partition have?

You mentioned folders /mnt/movies and /mnt/data. Setting permissions to /mnt/movies does not change any permissions on /mnt/data.

drwxrwxr-x 2 roadhazard roadhazard 6 Aug 11 13:28 movies

chmod -t /mnt/movies does nothing

Sorry, I corrected my OP. It was just a typo.

As for mounting it… not mounting anything yet. I just went into /mnt/ and created a ‘movies’ sub-folder. Eventually, /mnt/movies will be mounting a movies directory on a MDADM setup but for now, I just want to make sure everything will work once I blow away Mint on my media server and switch it over to EOS.

I remembered a way of remembering the permissions so here ‘you go’…it’s ugo!!!
ie you have -rwxrwxrwx
first 3 u-user
next 3 g-group
last 3 o-other
also r has a value 4, w value 2, x value 1…so you’re always counting down…
so chmod 755 makes the first group ie user, rwx (4+2+1), the second group r-x (ie 4+1) and the last group r-x too!

Ok I also remembered doing this a while ago to share movies with other devices on my home network…
I think what I did in the end was create a folder under /home and just give everyone read and execute access to it!
that way if you have say a torrent daemon running as well it gets access too…

Okay, so no sticky bit is set. Then you’ll have to work with ACL I think. That’s what @ringo already mentioned.
It has to be activated for the mounted FS and according to the Arch-Wiki you set the permission with:

To allow all newly created files or directories to inherit entries from the parent directory (this will not affect files which will be copied into the directory):

# setfacl -dm "entry" <dir>

I never used that, so reading that article might be a good idea. :wink:
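
Added example (not part of any post in this thread): a sh script that checks which mode a new sub-directory really gets inside a `drwxrwxr-x` directory, then applies the two `setfacl` forms quoted in the thread. It only works on a scratch directory from `mktemp`, uses the caller's own primary group as a stand-in for `roadhazard`, assumes GNU `stat`, and the function names are made up for the example.

```sh
#!/bin/sh
# Added example: works on a scratch directory only, nothing under /mnt is touched.

# Print the octal mode of a sub-directory created in $1 under umask $2.
new_subdir_mode() {
    nsm_probe="$1/probe.$2"
    ( umask "$2" && mkdir "$nsm_probe" ) || return 1  # subshell: caller's umask is untouched
    stat -c '%a' "$nsm_probe"                         # GNU stat (assumed)
    rmdir "$nsm_probe"
}

# Succeed if octal mode $1 gives the group write permission.
# The group digit is the second-to-last one; 2, 3, 6 and 7 contain the w bit.
group_can_write() {
    case "$1" in
        *[2367]?) return 0 ;;
        *)        return 1 ;;
    esac
}

demo() {
    dir=$(mktemp -d) || return 1
    chmod 775 "$dir"            # same mode as the drwxrwxr-x listing in the thread
    grp=$(id -gn)               # stand-in for the roadhazard group
    mode=$(new_subdir_mode "$dir" 022)
    echo "umask 022, no ACL: new sub-directory is $mode"
    group_can_write "$mode" || echo "  -> group members cannot remove what is inside it"

    # The two setfacl forms from the thread: one entry for the directory itself,
    # one default entry that new files and directories inherit.
    if command -v setfacl >/dev/null 2>&1 &&
       setfacl -m "g:$grp:rwx" "$dir" 2>/dev/null &&
       setfacl -dm "g:$grp:rwx" "$dir" 2>/dev/null; then
        mode=$(new_subdir_mode "$dir" 022)
        echo "umask 022, default ACL set: new sub-directory is $mode"
        getfacl -p "$dir" 2>/dev/null
    else
        echo "setfacl missing or ACLs unsupported on this file system; ACL step skipped"
    fi
    rm -rf "$dir"
}

demo
```

To try it against a real shared directory, replace the `mktemp` directory and the `id -gn` group with your own values and run it as a user who owns that directory.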

I’ve just remembered the rest of what I did lol
use nfs so that other devices can see your ‘shared folder’
sooo you stick the folder in /etc/exports with a few options…google it
then you need to make sure the nfs service is running ‘sudo systemctl start nfs-server’
then you might have to issue ‘exportfs -arv’
from another device type ‘showmount -e 192.168.1.10’ to see if you can see the share (in this example 192.168.1.10 is the ip of my pc/server)