[nSLUG] User Access Strategies
rory at unixism.org
Mon Nov 1 15:35:38 AST 2004
use facl based permissions. This gives you much finer-grain control
over file perms and inheritance than good old chmod g+s schemes.
take a look at man pages for getfacl and setfacl. Also some popular
linux mags have had articles on their use. facls have saved me a lot
of pain on file servers that need strange sharing between users.
Jeff MacDonald wrote:
>We have 3 developers, that need access to all files in
>As well some of those files have to be owned by clients.
>Latly there has been alot of need for intervention of root [aka "me"]
>to chown/chmod files etc, and it's getting to be a pain in the arse.
>The solution I have come up with from research etc is to make a group
>[lets say, "dev"] and chgrp all files to that group. Then chmod g+rwx
>all files, and set the sticky bit so new files/directories inherit
>from their parents. Finally change the umask of the developers to 002...
>My other idea was to make a "pseudo account" that all the developers use..
>this seems great, but also seems to go against everything i believe in :)
>Finally, give the guys sudo to chmod/chgrp, but that just seems crazy.
>anyways, let me know your opinions.
More information about the nSLUG