setuid confusion, change owner of files created to particular user:group
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I am trying to setup a directory /opt/www in such a way that when a user who belongs to the group django creates/modifies files and directorys within, they are set to owner django and group django.
I have looked at setuid and setgid confusion and Special File Permissions (setuid, setgid and Sticky Bit)
From this I chmod 6775 /opt/www However touch /opt/www/test yeilds
-rw-rw-r-- 1 wurst django 0 Mar 16 13:58 test
Q) How do I implement this requirement of having any user that belongs to group django, and creates a file or folder within /opt/www, to have it automaticaly chown django:django? (not :django)
Secondly, I am curious if this is nessisary for security purposes or if simply doing a chown -R :django and not worying about the owner beingt he user who created the file.
Note: in addition to creating the group django and adding my regular user account to this group, I have also created a system user via useradd -rg django django
Im oposed to storing my project within my home directory, although this will be on a live site, the site itself wont see much traffic as It will not be submiting it to search engines not premoted. Its sole purpose in life it as a learning platform for myself.
What might I be doing wrong? Do i need to write a custom script and schedule a cron job for it?
setuid
asked Mar 16 at 18:38
meschael
84
add a comment |Â
up vote
1
down vote
favorite
I am trying to setup a directory /opt/www in such a way that when a user who belongs to the group django creates/modifies files and directorys within, they are set to owner django and group django.
I have looked at setuid and setgid confusion and Special File Permissions (setuid, setgid and Sticky Bit)
From this I chmod 6775 /opt/www However touch /opt/www/test yeilds
-rw-rw-r-- 1 wurst django 0 Mar 16 13:58 test
Q) How do I implement this requirement of having any user that belongs to group django, and creates a file or folder within /opt/www, to have it automaticaly chown django:django? (not :django)
Secondly, I am curious if this is nessisary for security purposes or if simply doing a chown -R :django and not worying about the owner beingt he user who created the file.
Note: in addition to creating the group django and adding my regular user account to this group, I have also created a system user via useradd -rg django django
Im oposed to storing my project within my home directory, although this will be on a live site, the site itself wont see much traffic as It will not be submiting it to search engines not premoted. Its sole purpose in life it as a learning platform for myself.
What might I be doing wrong? Do i need to write a custom script and schedule a cron job for it?
setuid
asked Mar 16 at 18:38
meschael
84
Related question: How do you get linux to honor setuid directories?. TL;DR: Linux ignores setuid on directories, so you'll need to use alternative means if it's important (test to find out!)
– ErikF
Mar 16 at 18:57
I very much appreciate this link, not sure how or why I missed it but its definitely helpful. Beyond the debate one user suggested access control lists, to set default permissions. I am investigating this as my solution. Thank you.
– meschael
Mar 16 at 20:06
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I am trying to setup a directory /opt/www in such a way that when a user who belongs to the group django creates/modifies files and directorys within, they are set to owner django and group django.
I have looked at setuid and setgid confusion and Special File Permissions (setuid, setgid and Sticky Bit)
From this I chmod 6775 /opt/www However touch /opt/www/test yeilds
-rw-rw-r-- 1 wurst django 0 Mar 16 13:58 test
Q) How do I implement this requirement of having any user that belongs to group django, and creates a file or folder within /opt/www, to have it automaticaly chown django:django? (not :django)
Secondly, I am curious if this is nessisary for security purposes or if simply doing a chown -R :django and not worying about the owner beingt he user who created the file.
Note: in addition to creating the group django and adding my regular user account to this group, I have also created a system user via useradd -rg django django
Im oposed to storing my project within my home directory, although this will be on a live site, the site itself wont see much traffic as It will not be submiting it to search engines not premoted. Its sole purpose in life it as a learning platform for myself.
What might I be doing wrong? Do i need to write a custom script and schedule a cron job for it?
setuid
asked Mar 16 at 18:38
meschael
84
I am trying to setup a directory /opt/www in such a way that when a user who belongs to the group django creates/modifies files and directorys within, they are set to owner django and group django.
I have looked at setuid and setgid confusion and Special File Permissions (setuid, setgid and Sticky Bit)
From this I chmod 6775 /opt/www However touch /opt/www/test yeilds
-rw-rw-r-- 1 wurst django 0 Mar 16 13:58 test
Q) How do I implement this requirement of having any user that belongs to group django, and creates a file or folder within /opt/www, to have it automaticaly chown django:django? (not :django)
Secondly, I am curious if this is nessisary for security purposes or if simply doing a chown -R :django and not worying about the owner beingt he user who created the file.
Note: in addition to creating the group django and adding my regular user account to this group, I have also created a system user via useradd -rg django django
Im oposed to storing my project within my home directory, although this will be on a live site, the site itself wont see much traffic as It will not be submiting it to search engines not premoted. Its sole purpose in life it as a learning platform for myself.
What might I be doing wrong? Do i need to write a custom script and schedule a cron job for it?
setuid
asked Mar 16 at 18:38
meschael
84
edited Mar 16 at 18:46
asked Mar 16 at 18:38
meschael
84
asked Mar 16 at 18:38
meschael
84
asked Mar 16 at 18:38
meschael
84
84
Related question: How do you get linux to honor setuid directories?. TL;DR: Linux ignores setuid on directories, so you'll need to use alternative means if it's important (test to find out!)
– ErikF
Mar 16 at 18:57
I very much appreciate this link, not sure how or why I missed it but its definitely helpful. Beyond the debate one user suggested access control lists, to set default permissions. I am investigating this as my solution. Thank you.
– meschael
Mar 16 at 20:06
add a comment |Â
Related question: How do you get linux to honor setuid directories?. TL;DR: Linux ignores setuid on directories, so you'll need to use alternative means if it's important (test to find out!)
– ErikF
Mar 16 at 18:57
I very much appreciate this link, not sure how or why I missed it but its definitely helpful. Beyond the debate one user suggested access control lists, to set default permissions. I am investigating this as my solution. Thank you.
– meschael
Mar 16 at 20:06
Related question: How do you get linux to honor setuid directories?. TL;DR: Linux ignores setuid on directories, so you'll need to use alternative means if it's important (test to find out!)
– ErikF
Mar 16 at 18:57
Related question: How do you get linux to honor setuid directories?. TL;DR: Linux ignores setuid on directories, so you'll need to use alternative means if it's important (test to find out!)
– ErikF
Mar 16 at 18:57
I very much appreciate this link, not sure how or why I missed it but its definitely helpful. Beyond the debate one user suggested access control lists, to set default permissions. I am investigating this as my solution. Thank you.
– meschael
Mar 16 at 20:06
I very much appreciate this link, not sure how or why I missed it but its definitely helpful. Beyond the debate one user suggested access control lists, to set default permissions. I am investigating this as my solution. Thank you.
– meschael
Mar 16 at 20:06
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f430670%2fsetuid-confusion-change-owner-of-files-created-to-particular-usergroup%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Related question: How do you get linux to honor setuid directories?. TL;DR: Linux ignores setuid on directories, so you'll need to use alternative means if it's important (test to find out!)
– ErikF
Mar 16 at 18:57
I very much appreciate this link, not sure how or why I missed it but its definitely helpful. Beyond the debate one user suggested access control lists, to set default permissions. I am investigating this as my solution. Thank you.
– meschael
Mar 16 at 20:06