How to: Shared Directory Permissions for specific Users of a specific Group


This guide is basically aimed at Debian server Administrators who want to control access to specific directories, to specific groups and/or users.

Scenario: 

You want ONLY user1 and user2 to have Read/Write access to the_shared_dir 
Create the new directory: 

sudo mkdir the_shared_dir 

Create new group: 

sudo groupadd thenewgroup 

Add users to the group: 

sudo adduser user1 thenewgroup 

sudo adduser user2 thenewgroup 

Give the directory group permissions: 

sudo chgrp -R thenewgroup the_shared_dir 

Change the directory/file permissions to Recursive Root/Group Read/Write: 

sudo chmod -R 774 the_shared_dir 

sudo chmod g+s the_shared_dir 

sudo setfacl -d -m group:thenewgroup:rwx the_shared_dir/ 

Use getfacl to see directory permissions: 

sudo getfacl the_shared_dir/ 

Which will produce this output: 
# file: the_shared_dir/ 
# owner: root 
# group: thenewgroup 
# flags: -s- 
user::rwx 
group::rwx 
other::r– 
default:user::rwx 
default:group::rwx 
default:group:thenewgroup:rwx 
default:mask::rwx default:other::r-x 
**Now the user has to log-off and on again for permissions to work** 
Links: 
ACL 
Getfacl 
Setfacl 
Permissions 
Advertisements

4 thoughts on “How to: Shared Directory Permissions for specific Users of a specific Group

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s