[ale] User Private Group -- what are the benefits?

Lightner, Jeff JLightner at water.com
Mon Jun 4 11:53:12 EDT 2012


Nice write up on UPG.

I'll note that although RHEL does add the UPG by default it isn't required and in fact there is a "-n" flag in useradd to NOT add a UPG.   Here we don't use UPGs might have chosen differently if we'd understood the below.   (But then again we use user admin accounts and expect shared directory files to be owned by those user admins - our "real" users use sudo to become those admin accounts.)





-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of James Sumners
Sent: Monday, June 04, 2012 11:28 AM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] User Private Group -- what are the benefits?

This is precisely the information I needed. There are several SGID directories we have that rely on this functionality (an improvement over the old configuration IMHO). What I didn't realize is that it relied on the user's umask for setting group permissions in the SGID directory.

Thank you.

On Mon, Jun 4, 2012 at 10:58 AM, scott mcbrien <smcbrien at gmail.com> wrote:
> Thanks to the less restrictive umask, the group permissions also
> include write.  Because fred is giving that to his private group that
> no one else belongs to, it's not a big deal.  But on this web docroot
> directory, when you add the SGID permission, as though by magic we
> have happiness.  Now when Fred creates files (that automatically are
> chgrp'ed to web):
> -rw-rw-r-- fred web freds_web_file
>
> Other people who belong to the web group can make changes to Fred's
> files without Fred (or you) needing to re-permission files all the
> time.  Add to that the fact that SGID is inheritable, and now if the
> web group decides they need sub-dir structure or whatnot, they can
> create what they need and you don't have to do jack.



--
James Sumners
http://james.roomfullofmirrors.com/

"All governments suffer a recurring problem: Power attracts pathological personalities. It is not that power corrupts but that it is magnetic to the corruptible. Such people have a tendency to become drunk on violence, a condition to which they are quickly addicted."

Missionaria Protectiva, Text QIV (decto) CH:D 59

_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo




Athena®, Created for the Cause(tm)
Making a Difference in the Fight Against Breast Cancer

---------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------




More information about the Ale mailing list