Linux Permissions – Shared Read-Write Photo Directory for Normal Users

gnome3 linux multiuser permissions

I.e. what I want is the Linux equivalent of Windows Public/Pictures.

The problem is that Linux file manager Nautilus doesn't apply default ACLs when you move a file into a folder/directory (nor good old set-group-id). Not even in the expected case, where the file is only in one directory at a time, i.e. it hasn't also been hard-linked into another directory.

So dragging photos from a plugged-in camera can't work, even with a default ACL. Other users will be able to read the photos, but they won't be able to write to them. They're shown with a padlock in the file manager.

Amusingly it isn't using rename() in this case, because the move crosses filesystems. Nautilus is just providing consistent semantics in this case by re-applying permissions from the source file :trollface:.

Unfortunately I remembered this too late, after getting fed up instructing fellow users on how to use Digikam. (Digikam worked, because deleting photos from the card is a separate operation. So the photos are necessarily copied, instead of moved). I instructed them to write notes on using the file manager instead. Sigh.

So I know this isn't the expected usage, i.e. multi-user computers have not really been catered for. But is there any sensible way I could set this up for my fellow users?

I'm discounting any method that's harder for people to remember (over about a month) than the file manager one. That excludes Digikam; it has too many pointless choices, and then demands confirmation before removing images from the card, as if this whole operation was fraught with danger. (Also unfortunately, with our software we get an "import photos using Digikam" popup that doesn't work).

I'm also excluding any photo manager that can't save album names (including a date) to the filesystem. If you can't export to Digikam, then you're not trustworthy enough to make me import from Digikam!

Environment:

  • Linux
  • Debian
  • Standard GNOME desktop

Best Answer

I forgot something else. If I can't write to a file, I can still remove it and replace it. And that's exactly the correct way to save a file. (Because you have to fsync() before you have a durable file, which you can safely replace the old one with).

It seems to work fine, you just have to ignore the padlocks :). E.g. I can rotate photos copied in by other users.

DISCLAIMER: Digikam appears to update photo metadata incorrectly. So that will silently fail (:trollface2:), leaving the (metadata) database inconsistent. Fortunately I don't care about doing tagging at the moment, but that's another one of those little traps for me to stumble into later.
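
The replace-instead-of-write save described in the answer, as an added example that is not part of the original post: the new content goes into a fresh file in the shared directory, is fsync()ed, and is then renamed over the old name, which needs write permission on the directory but not on the old file. The names `replace_file` and `demo` and the sample file name are hypothetical, constructed for this illustration.

```python
import os
import tempfile


def replace_file(path, data):
    """Replace `path` with `data` without opening the old file for writing."""
    directory = os.path.dirname(os.path.abspath(path))
    tmp = os.path.join(
        directory, ".%s.tmp.%d" % (os.path.basename(path), os.getpid()))
    # Mode 0o666: the directory's default ACL (or the umask, if there is none)
    # decides the final permissions, as for any file newly created there.
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())   # content is durable before it takes the name
        os.replace(tmp, path)      # rename(): permission check is on the directory
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    # fsync the directory too, so the rename itself survives a crash.
    dfd = os.open(directory, os.O_RDONLY)
    try:
        os.fsync(dfd)
    finally:
        os.close(dfd)


def demo():
    """Constructed scenario: a read-only photo inside a writable directory."""
    with tempfile.TemporaryDirectory() as shared:
        photo = os.path.join(shared, "IMG_0001.jpg")   # constructed sample name
        with open(photo, "wb") as f:
            f.write(b"original")
        os.chmod(photo, 0o444)                         # the "padlock" state
        old_inode = os.stat(photo).st_ino
        replace_file(photo, b"rotated")
        with open(photo, "rb") as f:
            content = f.read()
        # The name now points at a different inode: the file was replaced,
        # not modified in place.
        return content, os.stat(photo).st_ino != old_inode


if __name__ == "__main__":
    print(demo())
```

The replacement file belongs to whoever saved it, so ownership of a shared photo changes hands on every edit. In a directory with the sticky bit set this stops working, because only the file's owner (or the directory's owner) may rename or remove an entry there.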
