James Knott wrote:
eddieleprince wrote:
Inspired by Randall Schulz contribution, I would like to ask how would you set the umask (if that is how it is done) so that newly created files/directories keep the group and privileges of the container directory and not necessarily the group of the creator? By way of example, my default group may be "admin" but I want to create files in a directory owned by group "sales". I want that file to be readable by the sales group but I do want to have to do to a chown or chgrp each time I create a file.
A directory can't be owned by a group, but you can chgrp to that group. Then set the sticky bit, so that any files created will inherit the group ID. This way, when someone creates a file, while it will still be owned by the user, it will get the group's permission. However, the permission bits will still be determined by the file creators umask. He can, however, change the permissions, if necessary.
Forgot to mention, the default configuration in SuSE has everyone in the "users" group and then gives group members read access to all the home directories. In Red Hat, each user is given his own group, which keeps others out of his home directory. To do this in SuSE, you either have to change the user's group after creating the user or use Webmin to create the user. It's also a good idea to change /etc/skel, to remove the group permissions, when a user is created. I have no idea why SuSE fails on this issue, when they're supposed to be so focused on security.