Ubuntu – How to set up a folder so that anything created in it inherits permissions


I have a /data folder (actually a partition) for all data that should be accessible by all users (in this case family members). We all have individual user accounts and are often all logged in at any time on this one PC.

How can I set up permissions so that we all retain access to files there no matter who creates them, including new folders? If I create a folder it gets my user and group, so nobody else can write to it.

Best Answer

Another approach is to use Access Control Lists, a superset of file permissions.

First of all, we have to install the acl Install acl package:

sudo apt-get install acl

Before Ubuntu 14.04, the partition has to be mounted with the option acl for the following to work. It could be added in /etc/fstab, as in

UUID=<XXXX>  /media/shared  ext4  noatime,acl  0  2

or for an already mounted filesystem

sudo mount -o remount,acl /media/shared

Next, you should create a new group, to which all users allowed to access the share in read/write mode will be added. I call it usershare. An already existing group could be used.

sudo addgroup usershare

Now we add the users enzotib and steevc to that group:

sudo gpasswd -a steevc  usershare
sudo gpasswd -a enzotib usershare

(effective at the next login).

Then we add an ACL with rwx permissions for the group usershare to all files already in /media/shared

sudo setfacl -Rm g:usershare:rwX /media/shared

Finally we add a default ACL with rwx permissions for the group usershare for all files created from now on inside /media/shared

sudo setfacl -d -Rm g:usershare:rwX /media/shared

Now all users of the usershare group have full permissions on all files under /media/shared. Permissions of each user on his and other's home directories are not affected.

I tested this solution and seems to work, but suggestions and corrections are welcome.

Remark: new files and directories created in the considered directory will have write permission for the usershare group, but files copied or moved in the folder will retain their original permissions. If the user, as I understand, only require write access to newly created directories, this is not a problem. Otherwise it should modify permissions by hand. See this answer on how to overcome this by defining the umask of users to 002.

Related Question