File permissions

DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
Hi,

can you in linux do like in windows where files placed in a folder, take on the permissions from that folder and not from the user who created them.

I have an NFS mount point, but when ever some one on the linux box creates a file it takes on there permission. This then casues problems when windows users mount the same share through Cifs.

I want any files created in the mounted NFS directoy to take on the NFS nobody permission.
  • If you can't explain it simply, you don't understand it well enough. Albert Einstein
  • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.

Comments

  • NightShade03NightShade03 Member Posts: 1,383 ■■■■■■■□□□
    What you are looking for is the SetUID or SetGUID for file permissions. When you use chmod to assign permissions on the NFS share you can do something like: chmod 4775 <directory>

    Anything created in that directory then takes on the permissions of the user but is owned by the group of the directory. You could do vice versa for user permissions inheritance or both user and group.

    If you want to get really fancy you can also use ACLs on your directory/share. Check out this for ACLs (there is an NFS section):

    Chapter 8. Access Control Lists
  • rogue2shadowrogue2shadow CISSP, GXPN, OSCE, OSCP, OSWP, eMAPT, CEH, CNDA, A+, Network+, Security+ Member Posts: 1,501 ■■■■■■■■□□
    A chmod trick I learned was the following (for chmod using number notation):

    4 - read
    2 - write
    1 - execute

    To give someone "Full Control" like in Windows NTFS you would do the following:

    chmod 777 file

    You can modify file permissions based on users, groups, and "others" as each number serves as a place holder. I'm not truly sure if others is the "nobody" version of Window's permissions but who knows :)

    Epic link:
    http://catcode.com/teachmod/

Sign In or Register to comment.