My question is similar to How to set the default file permissions on ALL newly created files in linux – but differs in important ways:
I want all files created in (or copied to or moved to) a certain directory to inherit a set of default permissions that is different from the system default.
Rationale:
The directory in question is the "intake hopper" for an application. Users in a group place files in the directory, and the app (running under another user id in the same group) takes them and processes them.
The problem is that the owner of each file placed in the directory is the user that placed it there, and the permissions are defaulting to "rw-r–r–"; I want to change that to "rw-rw—-". The app doing the intake can't do that explicitly, because the user id the app is running under doesn't own the file in question, and the default permissions don't allow the app to chmod on the file! Obviously, the user could do a chmod after putting the file there – but I want to keep the "drop" by the user as simple as possible. (These folks are not linux-literate, they just drag and drop the files from their windows desktop to a (Samba) network share – i.e. they don't even know they are interacting with a linux system.)
umask seems too powerful: I don't want to set default permissions for every file created anywhere by these users – just those created in (or placed in) this directory.
Please advise… thanks!
Best Answer
You can use an ACL (access control list) to set the default permissions for files in a directory.
From
man 5 acl
:To set it up (change device, directories, etc., accordingly):
Edit your
/etc/fstab
file and add theacl
mount option.Remount (Samba
mount.cifs
man page) your filesystem by rebooting or use:Make sure you have the
setfacl
andgetfacl
utilities.Set the default ACL on the directory (you may also need to set the ACL on existing files):
See the linked tutorial for more information.
Source: Tutorial Part 1 and Part 2
Reference: POSIX Access Control Lists on Linux