Granting permission for all users in a group to write to a directory and all its subdirectories
Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.
This, however, made /usr/share/nginx/html
inaccessible to non-root users.
Intuitively, I thought this would work:
newgrp www
(create a new group)
chgrp -R www /usr/share/nginx/html
(associate directory recursively with new group)
chmod -R g=rw /usr/share/nginx/html
(give read-write permissions to new group)
usermod -a -G www john.doe
(add non-root user to new group)
However, I still could not write files to /usr/share/nginx/html
as john.doe. I also tried
chown -R :www /usr/share/nginx/html
to see if it had any effect—it didn't.
Here's what the setup looks like currently:
[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users
What am I misunderstanding / missing that I can't write to this directory?
permissions users group chown nginx
|
show 2 more comments
Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.
This, however, made /usr/share/nginx/html
inaccessible to non-root users.
Intuitively, I thought this would work:
newgrp www
(create a new group)
chgrp -R www /usr/share/nginx/html
(associate directory recursively with new group)
chmod -R g=rw /usr/share/nginx/html
(give read-write permissions to new group)
usermod -a -G www john.doe
(add non-root user to new group)
However, I still could not write files to /usr/share/nginx/html
as john.doe. I also tried
chown -R :www /usr/share/nginx/html
to see if it had any effect—it didn't.
Here's what the setup looks like currently:
[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users
What am I misunderstanding / missing that I can't write to this directory?
permissions users group chown nginx
1
new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',
– ctrl-alt-delor
Dec 19 '13 at 14:06
Obscuring information makes questions difficult to understand.id
says you'rejohn.doe
, but you rangroups acheong87
. These aren't the same user.
– Patrick
Dec 19 '13 at 14:07
@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)
– Andrew Cheong
Dec 19 '13 at 14:08
1
In addition to what richard said, you removed the execute bit from the group on thehtml
directory. You need execute when working with directories.
– Patrick
Dec 19 '13 at 14:09
@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX asroot
. Thank you.
– Andrew Cheong
Dec 19 '13 at 14:14
|
show 2 more comments
Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.
This, however, made /usr/share/nginx/html
inaccessible to non-root users.
Intuitively, I thought this would work:
newgrp www
(create a new group)
chgrp -R www /usr/share/nginx/html
(associate directory recursively with new group)
chmod -R g=rw /usr/share/nginx/html
(give read-write permissions to new group)
usermod -a -G www john.doe
(add non-root user to new group)
However, I still could not write files to /usr/share/nginx/html
as john.doe. I also tried
chown -R :www /usr/share/nginx/html
to see if it had any effect—it didn't.
Here's what the setup looks like currently:
[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users
What am I misunderstanding / missing that I can't write to this directory?
permissions users group chown nginx
Trying out Linode for the first time, running an Arch Linux image, I successfully installed nginx as root.
This, however, made /usr/share/nginx/html
inaccessible to non-root users.
Intuitively, I thought this would work:
newgrp www
(create a new group)
chgrp -R www /usr/share/nginx/html
(associate directory recursively with new group)
chmod -R g=rw /usr/share/nginx/html
(give read-write permissions to new group)
usermod -a -G www john.doe
(add non-root user to new group)
However, I still could not write files to /usr/share/nginx/html
as john.doe. I also tried
chown -R :www /usr/share/nginx/html
to see if it had any effect—it didn't.
Here's what the setup looks like currently:
[john.doe@hydrogen nginx]$ ls -l
total 4
drwxrw-r-x 4 root www 4096 Dec 19 08:10 html
[john.doe@hydrogen nginx]$ id
uid=1000(john.doe) gid=100(users) groups=100(users),10(wheel)
[john.doe@hydrogen nginx]$ groups john.doe
wheel www users
What am I misunderstanding / missing that I can't write to this directory?
permissions users group chown nginx
permissions users group chown nginx
edited 15 mins ago
Andrew Cheong
asked Dec 19 '13 at 13:57
Andrew CheongAndrew Cheong
2851518
2851518
1
new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',
– ctrl-alt-delor
Dec 19 '13 at 14:06
Obscuring information makes questions difficult to understand.id
says you'rejohn.doe
, but you rangroups acheong87
. These aren't the same user.
– Patrick
Dec 19 '13 at 14:07
@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)
– Andrew Cheong
Dec 19 '13 at 14:08
1
In addition to what richard said, you removed the execute bit from the group on thehtml
directory. You need execute when working with directories.
– Patrick
Dec 19 '13 at 14:09
@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX asroot
. Thank you.
– Andrew Cheong
Dec 19 '13 at 14:14
|
show 2 more comments
1
new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',
– ctrl-alt-delor
Dec 19 '13 at 14:06
Obscuring information makes questions difficult to understand.id
says you'rejohn.doe
, but you rangroups acheong87
. These aren't the same user.
– Patrick
Dec 19 '13 at 14:07
@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)
– Andrew Cheong
Dec 19 '13 at 14:08
1
In addition to what richard said, you removed the execute bit from the group on thehtml
directory. You need execute when working with directories.
– Patrick
Dec 19 '13 at 14:09
@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX asroot
. Thank you.
– Andrew Cheong
Dec 19 '13 at 14:14
1
1
new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',
– ctrl-alt-delor
Dec 19 '13 at 14:06
new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',
– ctrl-alt-delor
Dec 19 '13 at 14:06
Obscuring information makes questions difficult to understand.
id
says you're john.doe
, but you ran groups acheong87
. These aren't the same user.– Patrick
Dec 19 '13 at 14:07
Obscuring information makes questions difficult to understand.
id
says you're john.doe
, but you ran groups acheong87
. These aren't the same user.– Patrick
Dec 19 '13 at 14:07
@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)
– Andrew Cheong
Dec 19 '13 at 14:08
@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)
– Andrew Cheong
Dec 19 '13 at 14:08
1
1
In addition to what richard said, you removed the execute bit from the group on the
html
directory. You need execute when working with directories.– Patrick
Dec 19 '13 at 14:09
In addition to what richard said, you removed the execute bit from the group on the
html
directory. You need execute when working with directories.– Patrick
Dec 19 '13 at 14:09
@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as
root
. Thank you.– Andrew Cheong
Dec 19 '13 at 14:14
@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as
root
. Thank you.– Andrew Cheong
Dec 19 '13 at 14:14
|
show 2 more comments
1 Answer
1
active
oldest
votes
Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f105895%2fgranting-permission-for-all-users-in-a-group-to-write-to-a-directory-and-all-its%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.
add a comment |
Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.
add a comment |
Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.
Add the Execute bit to your directories. As it stands, john.doe can write and read files in the directory but can't see the files in the directory. You can see this is true by having john.doe edit a file using a path that is inside the directory.
answered Dec 19 '13 at 14:11
sparticvssparticvs
1,969918
1,969918
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f105895%2fgranting-permission-for-all-users-in-a-group-to-write-to-a-directory-and-all-its%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
new groups do not activate immediately. I had loads of trouble with this, when I added a new group to my self. Logging out and back in fixes it. I don't remember the other option. But try 'newgrp',
– ctrl-alt-delor
Dec 19 '13 at 14:06
Obscuring information makes questions difficult to understand.
id
says you'rejohn.doe
, but you rangroups acheong87
. These aren't the same user.– Patrick
Dec 19 '13 at 14:07
@Patrick - My mistake—fixed. (I thought using generic placeholders would make it easier to read.)
– Andrew Cheong
Dec 19 '13 at 14:08
1
In addition to what richard said, you removed the execute bit from the group on the
html
directory. You need execute when working with directories.– Patrick
Dec 19 '13 at 14:09
@Patrick - Agh, that was it! And logging out and back in. I can't believe I never knew that. I guess I never paid much attention, having always learned/developed on UNIX as
root
. Thank you.– Andrew Cheong
Dec 19 '13 at 14:14