Monday 14 March 2011

Sharing files between users on Linux

Some time ago, I got rid of my home 'server' (a Buffalo LinkStation hacked to run Linux) when the hard drive died.  This managed file shares, email, and backing up critical data to offsite storage (rsync.net - a no frills remote filesystem that I highly recommend for techies).

The email moved into the cloud (first a VPS, now Google Apps for Domains) but I didn't want to use all my bandwidth and limited offsite storage for unimportant things like music.  No problem, I thought, I'll just set up a folder on each machine that everyone has access to and regularly sync between them.

Now all my machines run Linux (Ubuntu) and I thought this would be easy, but it turns out there is no widely accepted way of sharing files between users on Linux.  Checking out the Ubuntu forums showed quite a few requests for some means of doing this but no real solution.  If you simply set permissions on a given folder (like you would in Windows, say), it won't work the way you expect, as any new files created will have their permissions set based on the user that created the file rather than inheriting permissions from their parent folder.

File ACLs (and permissions generally) are the only things I've found that I prefer in Windows over Linux...

However, after some research I discovered the 'Sticky Bit' (or more specifically, SetGID).  This does quite a few things, depending on what context it is used in, but for our purposes we can use it to ensure that new files do inherit permissions from their parent.

The first step to set this up is to create a group to use for controlling access to this shared folder. In this example I have called the group shared-access, but obviously, call it whatever you want.

sudo addgroup shared-access

Add your user accounts to this group

sudo usermod -aG shared-access <username>

Set permissions on the shared folders (I am using a folder called shared that I have created under /mnt)

sudo chgrp -R shared-access /mnt/shared/
sudo chmod -R g+sw /mnt/shared


This gives the group write access and forces all files to inherit the group's permissions.
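The following script is an added example, not part of the original post. It rebuilds the steps above in a temporary directory and shows what SetGID actually passes on: new entries get the directory's group (and new subdirectories get the SetGID bit), while the creating user's umask still decides whether the group can write to them. Assumptions: Linux semantics, the caller's primary group stands in for shared-access, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: runs in a throwaway temp directory, no root needed.
# Assumption: the caller's primary group stands in for shared-access.

# perms PATH -> ten-character mode string from ls, e.g. drwxrwsr-x
perms() { ls -ld "$1" | cut -c1-10; }

# gid_of PATH -> numeric group owner of PATH
gid_of() { ls -ldn "$1" | awk '{print $4}'; }

# make_shared DIR GROUP: the post's chgrp/chmod steps, with setgid put on
# directories only (chmod -R g+s would also set it on regular files).
make_shared() {
    chgrp -R "$2" "$1" &&
    chmod -R g+w "$1" &&
    find "$1" -type d -exec chmod g+s {} +
}

# create_under DIR UMASK KIND -> mode string of a new file or dir in DIR
create_under() {
    (
        umask "$2"
        new="$1/new-$3-$2"
        if [ "$3" = dir ]; then mkdir "$new"; else : > "$new"; fi
        perms "$new"
    )
}

# demo: build a constructed tree and print what each step produces
demo() {
    root=$(mktemp -d) || return 1
    ( umask 022; mkdir -p "$root/shared/music"; : > "$root/shared/music/old.mp3" )
    make_shared "$root/shared" "$(id -g)"
    echo "shared/            $(perms "$root/shared")"
    echo "existing file      $(perms "$root/shared/music/old.mp3")"
    echo "new file, 022      $(create_under "$root/shared" 022 file)"
    echo "new file, 002      $(create_under "$root/shared" 002 file)"
    echo "new dir,  022      $(create_under "$root/shared" 022 dir)"
    echo "group kept: $(gid_of "$root/shared") -> $(gid_of "$root/shared/new-file-022")"
    rm -rf "$root"
}

demo
```

A new file that shows -rw-r--r-- belongs to the shared group but is read-only for its other members; that changes only when the creator's umask is 002 or the file is later given g+w.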
