I have a directory data
and I need to set default umask
and ownership for all directories/files (both existing and future files).
I want all files in data
to have ownership root:martin
ans permissions 750/640
I am aware that I can use setfacl
to set default umask
recursively using
setfacl -R -d -m o::--- data
and that I can use setgid
bit on the directory, so that all created files have ownership root:martin
chmod -R +s data
What I am not sure about is whether I should combine setgid
with acl
. Can I perhaps achieve the same with acl
only? How would I do it? Would that solution be superior?
Best Answer
Option 1: The permissions of the files inside the directory doesn't matter, blocking at the directory level is usually enough, so
chmod 2750 /path-to-dir
is enough.Option 2: Use ACLs only (
chmod 2750 /path-to-dir
is not necessary, but make things nicer for people not used to ACLs).note that you could set
g::rwX
to achieve 770/660