Today I return with another tip which, personally, I use a lot: be able to have a shared directory among several users on a Linux. I put them in a situation, with my wife at home we both use the same PC with Arch Linux but each with its own user. So, we noticed the problem with those folders that we share like music or photos, since each one had its own files, duplicating things.
It was then that we thought make a shared folder, but that's the problem of permissions. If the folder is mine she does not see it, if the file is created by me, she does not delete it and so on. At the beginning, the patch was that we gave 777 permissions to those files every time we edited something for the other to access until we found the solution, Group permissions!
What are group permissions?
That's the best, assign that shared directory and all its contents a special group with read and write permissions, with which all members of the group will have access to said directory. This allows, then, that just by adding our users to said group we can already interact in that directory.
And how do I configure it?
This is the best part and I proceed to tell you how I did it with my wife. The first thing is to create that directory, which for the example I will call «shared«.
sudo mkdir /home/compartido
I create it inside / home and outside of our accounts, to avoid that the upper directories bother with their own permissions. Now we must create the group, which we will put «Shared»
sudo groupadd compartidos
And we assign this group to the directory that we created before and we also change the permissions, so that everything we create inside, whether they are directories or files, also belong to this group.
sudo chgrp -R compartidos /home/compartido
sudo chmod g+s dirname
Also, we have to add our users to it. Then we will have to repeat this command for each one:
sudo usermod -G compartido sebastian
sudo usermod -G compartido mimujer
So far, we have the directory «/ home / shared»Which belongs to the group«Shared«, With what all the member users of the same will be able to access and everything that is created in the directory, will belong to the group with what any of us will be able to see them.
Now we only need one last step, which may be optional, but is to change the umask of the users, to ensure that each new file that we create is modifiable by the other members of the group. This affects the whole user, not just the directory, so they have to see if it works for them or not. In my case, since only my wife and I use the system, it doesn't bother us and we assign a umask of 002, which means that every file created starts with 775 permissions.
Editing the umask
To edit the umask, in each user you have to edit the .profile or .bashrc file that is inside the user's home and modify the value of umask by the desired number. If the option is not there, we must add it.
So, in the console we put:
sebastian@multivacs ~> vim .profile
And we will see something like this:
So, we go to the line that says umask, we press the letter i to edit and remove the # to remove the comment. We change the number to 002. If the line does not appear, they must add it.
Once finished, we press the key I to exit edit mode and then we write :+q+w. What makes us save the changes and exit the Vi.
It will look like this image:
And that's it! If they close their user session and reopen it, the changes will be taken, so the shared directory will be working.
Great tip.
Genial.
Some years ago I saw the need to do this myself, what I did not know was the umask ... I instead put a task in the crontab 🙂
Thanks for the tip
Yes, the crontab is good too. What did you put, to assign 775 permissions to the content?
Great tip .. ..saved if necessary;) ..
Ok, you create the folder / home / shared and assign the group "shared" to it but
What user does that folder belong to? In other words, who is the owner? Me, the other person, or the root user whose account is disabled since I use sudo?
On the other hand, I find the following problem: The files that I create cannot be deleted by the other person and the files that the other person creates I cannot delete.
What did I do wrong?
When creating the folder with sudo, you should be left with the root user as owner. You can also modify that with the chown command to assign another user.
On the other, check that the files you create do so with 775 permissions (which gives umask 002). If they don't have those permissions, there may be some wrong settings.
Likewise, it is worth clarifying that the umask affects every new file that is created within the directory, but if they move or copy content from another place, the original permissions are maintained and not those that we set to the directory.
Hey You're right.
I've been looking and the problem is caused by that last thing you say: When moving a file from another location to the shared folder, the original permissions are maintained.
Is there a solution to this?
I could use pearls.
In that case, the best thing would be to put a crontab like KZKG ^ Gaara said, in which you could put a command to assign the group and permissions to the folder content every X time.
That is to say something like this in the crontab:
sudo chgrp -R compartidos /home/compartido/*
chmod -R 775 /home/compartido/*
In order for everything new, move to the Shared group with permissions 775.
Ignore the * at the end of each line, I was thinking of something else when I put it 😛
Thank you friend.
Very good post, but I prefer to have a separate partition, in which I can put everything I want to share. I have a generous 500 GB disk, in which I use 100GB with Linux and a 400GB partition (ntfs) in which is all the music, photos, etc ... On my pc we are two users and each one can access the partition ntfs and put and remove what we want, when we want. If I don't want to share anything, I have some things in my username. 🙂
Yes, it is another way to do it but the problem is not where to put the files but to configure the permissions and control the access of the different users.
You can have it on an NTFS partition, correct but you also have fragmentation, slower than EXT4 and less security, although if it is good for you to have it that way it is equally valid.
Okay! Good tip, but I would still add a task to change the permissions to 775 of the new files at each login, and it would solve the problem of files moved from another folder.
Also, thank you very much for sharing!
Interesting, thanks!
I am raising something regarding the primary sharing group of some gnu / linux distributions. Some distros create the user with the primary group users and not using a primary group equal to the user's name.
The difference is that using the primary group users, by default everything is being shared with the group users to which all the users created in that distro will belong, if instead they are created with the same group as the user's name, by default not nothing will be shared.
Example:
$ ls -l /home/user/*.txt
-rw-r – r– 1 carlos carlos 126 Mar 25 2012 notes.txt
$ ls -l /home/user/*.txt
-rw-r – r– 1 carlos users 126 Mar 25 2012 notes.txt
I do not recommend using the primary group users, better to create your own primary group when creating the user.
#groupadd carlos
# useradd -g carlos -G lp, wheel, uucp, audio, cdrom, cdrw, usb, lpadmin, plugdev -m -s / bin / bash carlos
The -g carlos indicates to use the parent group carlos.
You can change the primary group of a user with # usermod -g but that will not change the primary group of all the files and folders that are already in / home / carlos, you will have to change them all.
Example: change primary group users from user carlos to primary group carlos and then change
all the file and folder permissions of the user carlos so that they remain of carlos carlos.
#groupadd carlos
# usermod -g carlos users
# cd / home
# chown -R carlos: carlos carlos
Regarding sharing, you can create a user called shared with your shared primary group, and so that there are no permission problems when copying, you first change the user
with "$ su - shared" then what you want is copied to / home / shared, with this and the permissions of what is copied will become the shared user.
If there are already copy files belonging to other users and primary groups, you have to change them all.
# cd / home
# chown -R shared: shared shared
There is only something left in limbo, which I don't know how to do to copy graphically as the shared user, that is, without having to do $ su - shared
It was a very silly thing to copy graphically, hehe, I use pcmanfm here in openbox, but you can use the file manager you have or want, it is only executed as a shared user and not as a root user.
$ su - shared
$pcmanfm
$dolphin
$mc
etc etc
I was just about to answer that. If not, the other is a crontab that changes the owner of the files every x time with a
chown -R compartido:compartido compartido
It seems to me that the command "usermod -G thenewgroup elusuario" what it does is basically change the user's group to "thenewgroup". To add an existing user to a new group, I think the correct thing would be "usermod -aG elnuevogrupo elusuario"
Another thing is that I see here that several people recommend doing a "chmod -R 775" but that not only affects directories, but also all files (making them executable), which introduces an unnecessary risk. Better to do something like «find / home / shared -type d -print0 | xargs -0 chmod 755 "and if necessary with the files you can do something similar but using" -type f "and granting permission 664.
Finally, one way to make multiple accounts have access to a file or folder regardless of who the owner or group is is by using the "setfacl" command that is in the acl package (if I remember correctly). Its use is well explained on the manual page.
I have the following problem. I have created 4 users (web1, web2, web3, web4) and I want to create an access group folder to the users of the web group. When I create the .htaccess file I know that I have to put require valid-user, but if I put require valid-user web1 web2 web3 web4 so that they can access the folder with their password, when I try to access the folder it asks me for the user and password of each one. How do I get only asked for the username and password of the one who wants to enter? because one is not supposed to know the other's password.
Hey.
The 4th terminal should have the "shared" plural:
sudo usermod -G shared sebastian
sudo usermod -G shared mywoman
Greetings.
Gustavo
Cheers :
We are migrating from Windows Server to CentOs 6 and we are still in the adaptation process. My query: Is there a graphical interface in CentOs to share folders and give users access to modify, edit and / or delete files?, Or should I do all the above procedure.
Thanks for the help.
I am also installing a centos 6 and I want to use it with samba that allows me to share files from linux and windows, I know a little, I do not use linux much, but at work I have been asked, how can I do to share folders but in graphic mode ??.
Hi. Please help me! ... It turns out that by doing this in my user in linux mind, now I lost privileges. I can't run anything like sudo. I get the following message "Excuse me, the user" username "is not authorized to execute" command_to_run "as root in" username ""
I think that when I changed my user to the shared group, I took away privileges, and now how do I restore them ???
Hey friend is there any way to do the same but sharing files with other people on the Internet LAN
For this you must use SAMBA as File Server. Cheers
Hi. When I got to the command sudo chmod g + s dirname it tells me that the file or directory does not exist. Do you know what the problem is?
How do I create a group in another group?
The line:
sudo usermod -G shared sebastian
should be:
sudo usermod -a -G shared sebastian
the first way removes the rest of the user's groups.
and if you're sweaty, you lose your privileges