Granting permission for all users in a group to write to a directory and all its subdirectories












1















Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.



This, however, made /usr/share/nginx/html inaccessible to non-root users.



Intuitively, I thought this would work:





  • newgrp www (create a new group)


  • chgrp -R www /usr/share/nginx/html (associate directory recursively with new group)


  • chmod -R g=rw /usr/share/nginx/html (give read-write permissions to new group)


  • usermod -a -G www john.doe (add non-root user to new group)


However, I still could not write files to /usr/share/nginx/html as john.doe. I also tried




  • chown -R :www /usr/share/nginx/html


to see if it had any effect—it didn't.



Here's what the setup looks like currently:



[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users


What am I misunderstanding / missing that I can't write to this directory?










share|improve this question




















  • 1





    new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',

    – ctrl-alt-delor
    Dec 19 '13 at 14:06













  • Obscuring information makes questions difficult to understand. id says you're john.doe, but you ran groups acheong87. These aren't the same user.

    – Patrick
    Dec 19 '13 at 14:07











  • @Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)

    – Andrew Cheong
    Dec 19 '13 at 14:08






  • 1





    In addition to what richard said, you removed the execute bit from the group on the html directory. You need execute when working with directories.

    – Patrick
    Dec 19 '13 at 14:09











  • @Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as root. Thank you.

    – Andrew Cheong
    Dec 19 '13 at 14:14
















1















Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.



This, however, made /usr/share/nginx/html inaccessible to non-root users.



Intuitively, I thought this would work:





  • newgrp www (create a new group)


  • chgrp -R www /usr/share/nginx/html (associate directory recursively with new group)


  • chmod -R g=rw /usr/share/nginx/html (give read-write permissions to new group)


  • usermod -a -G www john.doe (add non-root user to new group)


However, I still could not write files to /usr/share/nginx/html as john.doe. I also tried




  • chown -R :www /usr/share/nginx/html


to see if it had any effect—it didn't.



Here's what the setup looks like currently:



[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users


What am I misunderstanding / missing that I can't write to this directory?










share|improve this question




















  • 1





    new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',

    – ctrl-alt-delor
    Dec 19 '13 at 14:06













  • Obscuring information makes questions difficult to understand. id says you're john.doe, but you ran groups acheong87. These aren't the same user.

    – Patrick
    Dec 19 '13 at 14:07











  • @Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)

    – Andrew Cheong
    Dec 19 '13 at 14:08






  • 1





    In addition to what richard said, you removed the execute bit from the group on the html directory. You need execute when working with directories.

    – Patrick
    Dec 19 '13 at 14:09











  • @Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as root. Thank you.

    – Andrew Cheong
    Dec 19 '13 at 14:14














1












1








1








Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.



This, however, made /usr/share/nginx/html inaccessible to non-root users.



Intuitively, I thought this would work:





  • newgrp www (create a new group)


  • chgrp -R www /usr/share/nginx/html (associate directory recursively with new group)


  • chmod -R g=rw /usr/share/nginx/html (give read-write permissions to new group)


  • usermod -a -G www john.doe (add non-root user to new group)


However, I still could not write files to /usr/share/nginx/html as john.doe. I also tried




  • chown -R :www /usr/share/nginx/html


to see if it had any effect—it didn't.



Here's what the setup looks like currently:



[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users


What am I misunderstanding / missing that I can't write to this directory?










share|improve this question
















Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.



This, however, made /usr/share/nginx/html inaccessible to non-root users.



Intuitively, I thought this would work:





  • newgrp www (create a new group)


  • chgrp -R www /usr/share/nginx/html (associate directory recursively with new group)


  • chmod -R g=rw /usr/share/nginx/html (give read-write permissions to new group)


  • usermod -a -G www john.doe (add non-root user to new group)


However, I still could not write files to /usr/share/nginx/html as john.doe. I also tried




  • chown -R :www /usr/share/nginx/html


to see if it had any effect—it didn't.



Here's what the setup looks like currently:



[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users


What am I misunderstanding / missing that I can't write to this directory?







permissions users group chown nginx






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 15 mins ago







Andrew Cheong

















asked Dec 19 '13 at 13:57









Andrew CheongAndrew Cheong

2851518




2851518








  • 1





    new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',

    – ctrl-alt-delor
    Dec 19 '13 at 14:06













  • Obscuring information makes questions difficult to understand. id says you're john.doe, but you ran groups acheong87. These aren't the same user.

    – Patrick
    Dec 19 '13 at 14:07











  • @Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)

    – Andrew Cheong
    Dec 19 '13 at 14:08






  • 1





    In addition to what richard said, you removed the execute bit from the group on the html directory. You need execute when working with directories.

    – Patrick
    Dec 19 '13 at 14:09











  • @Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as root. Thank you.

    – Andrew Cheong
    Dec 19 '13 at 14:14














  • 1





    new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',

    – ctrl-alt-delor
    Dec 19 '13 at 14:06













  • Obscuring information makes questions difficult to understand. id says you're john.doe, but you ran groups acheong87. These aren't the same user.

    – Patrick
    Dec 19 '13 at 14:07











  • @Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)

    – Andrew Cheong
    Dec 19 '13 at 14:08






  • 1





    In addition to what richard said, you removed the execute bit from the group on the html directory. You need execute when working with directories.

    – Patrick
    Dec 19 '13 at 14:09











  • @Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as root. Thank you.

    – Andrew Cheong
    Dec 19 '13 at 14:14








1




1





new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',

– ctrl-alt-delor
Dec 19 '13 at 14:06







new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',

– ctrl-alt-delor
Dec 19 '13 at 14:06















Obscuring information makes questions difficult to understand. id says you're john.doe, but you ran groups acheong87. These aren't the same user.

– Patrick
Dec 19 '13 at 14:07





Obscuring information makes questions difficult to understand. id says you're john.doe, but you ran groups acheong87. These aren't the same user.

– Patrick
Dec 19 '13 at 14:07













@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)

– Andrew Cheong
Dec 19 '13 at 14:08





@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)

– Andrew Cheong
Dec 19 '13 at 14:08




1




1





In addition to what richard said, you removed the execute bit from the group on the html directory. You need execute when working with directories.

– Patrick
Dec 19 '13 at 14:09





In addition to what richard said, you removed the execute bit from the group on the html directory. You need execute when working with directories.

– Patrick
Dec 19 '13 at 14:09













@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as root. Thank you.

– Andrew Cheong
Dec 19 '13 at 14:14





@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as root. Thank you.

– Andrew Cheong
Dec 19 '13 at 14:14










1 Answer
1






active

oldest

votes


















2














Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f105895%2fgranting-permission-for-all-users-in-a-group-to-write-to-a-directory-and-all-its%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2














    Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.






    share|improve this answer




























      2














      Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.






      share|improve this answer


























        2












        2








        2







        Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.






        share|improve this answer













        Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Dec 19 '13 at 14:11









        sparticvssparticvs

        1,969918




        1,969918






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f105895%2fgranting-permission-for-all-users-in-a-group-to-write-to-a-directory-and-all-its%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Accessing regular linux commands in Huawei's Dopra Linux

            Can't connect RFCOMM socket: Host is down

            Kernel panic - not syncing: Fatal Exception in Interrupt