How to Add All Users in One Group to Another Group

groupusers

I have some users in a group called aa and I need to give them the rights to write to a folder which is currently tomcat:tomcatdeploy.

The straightforward way to do this is to add all the users to the tomcatdeploy group, one-by-one.

Is it possible to say that members of group aa are also automatically members of tomcatdeploy by somehow adding the aa group to the tomcatdeploy group?

Or is that trying to push the UNIX permissions scheme too far?

Best Answer

You could use the lid command to get a list of users in aa, and the loop over that list to add them to tomcatdeploy:

for u in $(lid -g -n aa); do usermod -a -G tomcatdeploy $u; done

Related Solutions

Permissions – Make All New Files in a Directory Accessible to a Group

You can control the assigned permission bits with umask, and the group by making the directory setgid to GROUPNAME.

$ umask 002            # allow group write; everyone must do this
$ chgrp GROUPNAME .    # set directory group to GROUPNAME
$ chmod g+s .          # files created in directory will be in group GROUPNAME

Note that you have to do the chgrp/chmod for every subdirectory; it doesn't propagate automatically (that is, neither existing nor subsequently created directories under a setgid directory will be setgid, although the latter will be in group GROUPNAME).

Also note that umask is a process attribute and applies to all files created by that process and its children (which inherit the umask in effect in their parent at fork() time). Users may need to set this in ~/.profile, and may need to watch out for things unrelated to your directory that need different permissions. modules may be useful if you need different settings when doing different things.

You can control things a bit better if you can use POSIX ACLs; it should be possible to specify both a permissions mask and a group, and have them propagate sensibly. Support for POSIX ACLs is somewhat variable, though.

Two users with different permissions on same directory

Yes, by using ACL - Access Control Lists. (if not avail, install via yum install acl)

Before you start setting ACL, you initially need to enable ACL support for filesystem, for doing it manually use:

mount -o remount,acl $filesystem

But you need to enter this command every time you boot the system. To avoid this, you can enable acl when the filesystem is mounted, by using fstab.

Eg. /etc/fstab (for your home directory), if you are using ext4 file system:

LABEL=/home        /home         ext4           defaults,acl          1 2

For more information go to redhat documentation link.

By setfacl you can assign permission like::

setfacl -m u:Full:rwx /home/myDir
setfacl -m u:Lim:rx /home/myDir

After that by getfacl, you can view the permissions:

getfacl /home/myDir

For more info, please visit CentOS documentation page.

Best Answer

Related Solutions

Permissions – Make All New Files in a Directory Accessible to a Group

Two users with different permissions on same directory

Related Question