I have a powerful desktop, — and yes, runs Linux. It has a quad-core CPU, and 10GB RAM. My wife only has a small laptop. So, when she needs to do more serious work, like photo processing, she logs in my machine (using her own account) to do it.
And then we have a problem. All our pictures are stored in one shared repository, which is a directory under “/var”. Any file or picture I created in that directory, automatically received the ownership “my_user_id:users”, where “users” is my default group; and the default permission for the files I created are 744, which means my wife can’t modify it without changing the file permission first; and vice versa.
That’s really inconvenient. So I want to find a way, to achieve following goals:
- Any file / directory we created in our repository, must have group “family”, which is a group I created for just two of us.
- The files we created in the repository should automatically have default permission 664, so both of us can modify them without having to change the file permission first.
- I don’t want to change our “umask”, because that will change the default file permission for anywhere, where I just want that for that specific directory.
I though it should be easy, but it turned out not that straightforward. After some research, here is what I did (do all these as root):
chgrp family /var/pictures chmod 774 /var/pictures # users in other groups can also look into this repository setfacl -d -m g:family:rw /var/pictures chmod g+s /var/pictures
If you are interested in the details behind these commands, you can look at this article: Access control lists: Creating an efficient Linux file server with default permissions.
After these changes, we can work smoothly together in the same directory.