[Discuss] Advanced file permisions
Jerry Feldman
gaf.linux at gmail.com
Wed Nov 26 08:29:24 EST 2014
I just checked, our umask is 0077 on our RHEL VMs (as required by IT). This
is the problem. a umask or 0007 will give us what we want. The issue is to
have read, write, execute by group. I was unaware that it was set to 0077
by default in RHEL 6. On RHEL5, it is set to 0022.
Most of our scripts here are Python (so the C rules apply), and most of the
code we have is either C++ or Java.
On Tue, Nov 25, 2014 at 6:49 PM, Derek Martin <invalid at pizzashack.org>
wrote:
> On Tue, Nov 25, 2014 at 09:38:52AM -0500, Jerry Feldman wrote:
> > I have an auto mounted directory where I want to restrict access to only
> > members of a specific group, lets call it foogroup for now. I didn't want
> > to use netgroups for a number of reasons in that the NAS is run by a
> > separate team, and they use a different LDAP server than we do.
> >
> > The way I set up the original top level directory is:
> > chmod 2770: rwxrws--- foogroup
> > But when I create a subdirectory I get:
> > rwx--S---
>
> How did you create the directory? If you're using mkdir on the
> command line, the umask seems like the only possible culprit,
> excepting some weird filesystem mount options possibly. The mkdir
> command has a -m option to set the mode but one can assume you're not
> using that, or else you would know. =8^)
>
> If you're doing this from within a program, the mkdir() system call
> takes a mode argument (and is, I believe, still modified by your
> umask). That's for C obviously but other languages should generally
> have something similar, and in some of those languages it may be
> optional, defaulting to something you don't want...
>
> --
> Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02
> -=-=-=-=-
> This message is posted from an invalid address. Replying to it will
> result in
> undeliverable mail due to spam prevention. Sorry for the inconvenience.
>
>
--
--
Jerry Feldman <gaf.linux at gmail.com>
Boston Linux and Unix
PGP key id: B7F14F2F
Key fingerprint: D937 A424 4836 E052 2E1B 8DC6 24D7 000F B7F1 4F2F
More information about the Discuss
mailing list