Linux – How to two users be the owners of a file

linuxpermissions

As per the title, I have to create a file, for example:

/home/john/file.ini

I created a user and a group, myuser and mygroup, and set them to be the owner and group of this file.ini:

chown myuser:mygroup file.ini

I have another user named mymain. This user must be able to read this file. How can I change the permissions to allow this?

Important: I want to allow only the "mymain" user to read this file, NOT all other users.

So myuser (the owner of the file) and mymain should have access.

Best Answer

In the traditional Unix file permission system that's not possible: a file has only a single owner. You could create a group containing just the two users that should have access and make that the owning group of the file (and give the desired permissions to that group). This approach has some administrative overhead, however (not every user can create a group and place other users in it).

Many (most) modern filesystems support ACLs, however and they aren't too hard to use. If you want to use POSIX ACLs to give another user read (r) and write (w) permissions then you can use this command:

setfacl -m user:mymain:rw file.ini

Two caveats:

The necessary tools aren't always installed. On Ubuntu/Debian they are found in the acl package (sudo apt-get install acl)
Even if the filesystem used supports ACLs, it might be that your local filesystem is mounted without support for ACLs. In that case you need to modify the mount parameters to enable it (for ext4, for example, that simply means appending ,acl to the mount options in /etc/fstab).

Related Solutions

Linux – How to chown directory for multiple users

You'll need a group with apache and all the VPS users in it, call it vpsusers for instance

# do this as root
groupadd vpsusers
gpasswd -a apache vpsusers
gpasswd -a bob vpsusers   # if you have a user named bob
gpasswd -a alice vpsusers # if you have a user name alice
# etc...

And then make that group the group owner of the directory in question, eg

# also do this as root
chown -R apache:vpsusers /your/directory

And finally, make that group-writeable

# again, as root
chmod -R g+w /your/directory

(As always, think about what you're doing before you chmod or chown...)

Linux – How to setup nfs share for users with write permissions

I found simple workaround at this article.

If we use a separate primary group for each user, we can use umask = 002. Then the group permissions will not be cut off by umask. And we can set permissions using setgid or acl.

But the proposed solution complicates management of users, namely the creation and deletion. Being LDAP administartor you need to create a primary group for all ldap users. Delete primary user's group, when when delete unnecessary user.

In addition, I would note that:

I have due to migration from zentyal on openldap uses the same core group (USERS) for all newly created users.

On the one hand, it simplifies the management of users, on the other hand did not solve the problem with a shared folder for them.

Best Answer

Related Solutions

Linux – How to chown directory for multiple users

Linux – How to setup nfs share for users with write permissions

Related Question