On campus, everyone's primary group is user and each person is additionally associated to groups depending on the courses he or she is taking, lab he or she works at, etc.
My coworker and I are members of group foo, so we use newgrp foo and umask 7 to ensure our files are accessible to the two of us without granting everyone permission. Neither of us minded this.
However, we now need our PATH environment variable to first point to our lab's bin folder before the rest in the PATH. We thought a simple script would work, but it doesn't as the PATH's contents don't persist after executing newgrp:
#!/bin/tcsh
setenv PATH "/path/to/lab/bin:$PATH"
newgrp foo
The default shell is tcsh. Does anyone have any suggestions?
Thanks!
Best Answer
Unless you need to type a password when you run newgrp (a very rarely used feature), you don't need to use newgrp to make files owned by the appropriate group. You can use chmod instead. For example, instead of the following workflow:
you can do this:
On most current unices, either project1/file1 will already belong to lab1 like the directory it contains (*BSD), or you can force this behavior (Linux, Solaris, …):
All of this requires that your umask be set to 002 or 007.
It's easier to manage permissions if access control lists (ACL) are supported. ACL support must be present in the disk filesystem driver and enabled in the mount options, and again for the network filesystem if applicable. ACL support is not yet generalized, so you might not have it.
To see if you can use ACLs, on a Linux client, try running
If the permissions of foo show up as -rw-rw-r--+ or similar (with a + at the end), ACLs are enabled. If the setfacl utility isn't available, then your campus network probably doesn't have ACLs all around.
If you do have ACLs, then you don't need to have a permissive umask, you can stick with 022 or 077. With ACLs, to set up a group-writable directory (where newly created files will be writable by the group as well), do
In addition to not requiring a permissive umask, ACLs let you share files between an arbitrary set of users and groups.
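The non-ACL route described in the answer (a directory owned by the shared group, with new files inheriting that group under umask 007), as an added example that is not part of the original answer. The function names are hypothetical, the setgid bit is assumed to be the mechanism used on Linux, and the group defaults to the caller's current group as a stand-in for lab1. No newgrp shell is started, so a PATH set in the calling shell is left alone.

```shell
#!/bin/sh
# Added example: share files with a group without newgrp.
# Assumption: the group passed in is one you belong to (lab1 in the answer);
# it defaults to your current group ID so the script runs anywhere.

# Create a directory owned by the shared group. The setgid bit (the leading 2)
# makes files created inside inherit the directory's group on Linux/Solaris.
make_shared_dir() {
    dir=$1
    group=$2
    mkdir -p "$dir" || return 1
    chgrp "$group" "$dir" || return 1
    chmod 2770 "$dir" || return 1   # rwx for owner and group, nothing for others
}

# Print "<mode string> <numeric gid>" for a path. The mode is cut to ten
# characters so a trailing "+" (ACL) or "." (SELinux) marker is ignored.
mode_and_gid() {
    ls -ldn "$1" | awk '{print substr($1, 1, 10), $4}'
}

# Build project1/file1 in a scratch directory and report what was produced.
demo_shared_file() {
    group=${1:-$(id -g)}
    base=$(mktemp -d) || return 1
    make_shared_dir "$base/project1" "$group" || return 1
    # umask 007 only inside this subshell: the file gets rw for owner and
    # group, and the calling shell's umask and environment are untouched.
    ( umask 007; : > "$base/project1/file1" ) || return 1
    mode_and_gid "$base/project1"
    mode_and_gid "$base/project1/file1"
    rm -rf "$base"
}

demo_shared_file "$@"
```

Pass a supplementary group you belong to as the first argument to see the file take the directory's group rather than your primary one.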