Linux – Permissions issues for shared directory on a server

file-sharinglinuxpermissions

The setup is we have a VPS running Debian Squeeze, and I've set up a shared directory for us to share files. So far I've followed this guide:

http://www.cyberciti.biz/faq/linux-setup-shared-directory/

I've also set the umask to 002 correctly (see the comments on that guide), so we can both now create files and directories directly on the server and we both have read/write permissions on them.

The only problem is that a lot of our files are created on our local machines (both running Ubuntu 10.10), and then dumped on the server. This results in only the creator of the file/directory having write permissions on, and the other member of the group I set up for sharing this folder only having read access.

My next thought would be to change the default umask on our local machines, but it seems a bit extreme to have to do that, and I don't know if it's a security risk.

Can someone tell me if there's a better solution to what I'm trying to achieve, or if this really is the way to go?

Many thanks in advance

Best Answer

I'd use a different approach and share the files through an access control list on the directory.

First make sure access control lists are enabled on the filesystem where the directory resides (make sure that the corresponding entry in /etc/fstab contains acl in the fourth column). Also make sure you have the acl utilities installed (on Debian, install the acl package). Then give both users an inheritable write permission on the directory.

setfacl -m user:other_user:rwx /path/to/directory
setfacl -d -m user:other_user:rwx /path/to/directory

If there are more than two users, either repeat this command for each user (the ACL is implicit for the user who created the directory); or put the users in a group (as you already did), and use -m group:group_name:rwx in the setfacl command.

Related Question