Ubuntu Servers :: Group Permissions Aren't Working
Sep 9, 2010
i created a directory in my webserver as well as a group "webdevs" which I want to give write permissions to, and include my user so that i can edit.i used [addgroup webdevs] then [adduser MYUSER webdevs].then [sudo chown root:webdevs MYDIR]then [sudo chmod 774 MYDIR]when I try to cd to MYDIR under MYUSER, I get permission denied.
I have a couple of user accounts where each member belongs to a group i have created: Each user access the share using their own user account credentials. How can I configure Samba in a way so that each modification done on the share gets the owner of the user and my group instead of the user and the users own group? I would also like the access rights to be 770 to each modification.
In other words, today each modification by "userA" get the owner "userA.userA" and I would like it to be "userA.MyGroup" with "rwxrwx---" permissions.
In my /var/www directory, I have everything set up with: user: www-data group: developers directories: chmod 570 files: chmod 460
Everything seems fine. Users from the developers group can edit files and all, but now we began using the Git repository, and whenever a user edits a file (ie. Joe who is a developer,) file permissions get screwed again. Now they're: user: Joe group: Joe directories: chmod 755 files: chmod 644 How can I fix this so permissions remain the same?
i want secondary users can able to change the files permissions of primary group?user MAC is having www as a primary and httpd as secondary group. But he want to change the file permissions (chmod) httpd group files. Is it possible or not? I think its not possible. If it`s possible then let me know how?
Now I have set up a terminal server at work, with Ubuntu 10.04LTS and Free NX terminal server. All works great, over all expectations. But I have some file permission problems. In the home folder I have mad a folder where files that all users should have full access to is put. The problem is that when a user puts a file there, only that user have full access to that file, other users only have read rights. How can I make it so that all files put in this folder have full rights for members in the group "staff"?
A bit of an oddity that I've recently run into with my storage folder in my system; it's a newly installed drive that I've set to mount at /storage. When I first tried to use it, programs that I used that attempted to write to it tossed Access Denied errors at me in their own way. Checking the permissions (at the Terminal, ls -l / | grep storage) showed that /storage was set to 'rwxrwxr--'--Owner and Group were given full read/write/execute, but Others could only read. However, my logon to my system is a member of group root. Why, then, with the above bits set, would I not be able to write to it? Changing Others permissions to rwx (and presumably rw would have worked out for me since I don't leave anything executable there) allowed me to write to it, but I don't understand why that would have been necessary. So far as I'm aware, the prior drive that was in my system--mounted at the same location--did not need this treatment.
I don't remember changing any settings but i've noticed lately things like ctrl+P and ctrl+C and alt+tab just don't work, at all.... it's rather annoying actually... is there any way to re-enable hotkeys?
I upgraded to 11.04 and my mouses just stopped working. I have to use the keyboard for everything. My internet isn't working either Linksys WUSB600N v2 like it was before. I have tried 2 mouses and none of them work. They work on my laptop though.
My compiz animations (magic lamp, airplane, ...) aren't working.I have an Intel GMA 4500M onboard but that shouldn't be the problem (I can enable effects from System > Preferences > Appearance).I'm using ubuntu 10.04.
I am trying to set up a Samba share on one of my machines where I am the owner and a special group manages permissions for read-only access ( me:specialgroup ). If I log into the share as me, there is no problem (I have read/write privs as per usual). However, I am not able to log into the share using any of the group members (there is only one currently). That user is not able to access the share (failed to mount).
The folder (which is the share) is owned by me:specialgroup and the permissions have been forced down the folder. Samba is set to Share this folder with no guest or others write access.
My main account 'dave' runs as admin etc This was the output of 'groups dave': dave adm dialout cdrom plugdev lpadmin sambashare admin I was trying to add dave to the user group 'media-www' and i ran this command: 'usermod -G media-www dave' Then after another 'groups dave': dave : dave media-www It seems to have removed all the other groups! How do I restore this?
How can I give an application group permissions?There is a bug in the latest version of Ubuntu's Dovecot, where it is not apart of mail group, so it does not have write permission to the /var/mail directory by default. So I have to give it mail group permissions.
I tried many different ways to get a screen shot (gnome's tool, gimp, compiz plugin, xwd, import) and in all of them the screenshot was filled with jagged colored bars. I tried both with and without compiz and the same thing happened. I'm using gnome with fedora 11.
i am trying to finish up a lab in that i have i have some accounts created under groups called "mgmt" and "pl". I am trying to figure out how i can get the guys in "mgmt" to be able to modify files in a directory called "mgmt-final" but the guys in the group "pl" will only be allowed to read those files.
Originally Posted by slackuser67 In my case it was a permission thing. Logging in as root, sound worked, logging in as user didn't. I followed the adding myself to the audio group and that didn't do it either. But, adding myself to the video group did the trick. You wouldn't think that would work with getting video but no sound, but it did in my case. I'm having all the same problems, but I'm using DSL-N, and I can't figure out how to check or change the group permissions.
I need to assign permissions for ftp users. For that I need to create groups with different permissions like upload, download, rename, delete, rename and delete. And the users added to the group need to have that group permissions by default.
I am doing rhce course but i am very confused to answer these user and group permissions.the questions are like this...the owner of the /data must be user tom.primary group of /data must be the group sysadmins.the members of the group test must be able to write and create files in the /data.the members of the group web have no access to these directory.the user jack not belong to any of these gropus must have to edit files created in /data.the user tim can only list the contents.
the questions are always like these..i am okay with sgid and sticky bit.but i dnt know where to set default acl and other permissions.
I am running into a Brick wall with this. And thought that the knowledge and expertise here would be a good place to seek help.I have CentOS 5.4 server running Samba on a WinBloZ network. I have the groups all setup and that aspect works fine. But here lies the issues.In a shared directory with group permissions set if someone on the group with permission to this directory creates a file they are the only person that can edit / modify that file. That file need to be editable by the entire group. But the only way thus far I can achieve this is to manually chmod the files in the directory. I know there is a way to fix this, but I have not found it. Can someone please explain how to make this work for me.
This is a interesting confusing problem.Ok I have group with 3 users.I have a folder in /home with owner as root, and group that has read/write permissions.However if a user opens up a file and saves it via samba, the owner changes to the user, and the group members only have read permissions on the file.
I'm beginning to deal with more than one user on my system (it's a VPS serving some sites) and I need to make sure I understand how group permissions work. I have an account named "admin" .. it's basically the primary account that is used for serving most of the sites that I control myself. Now, I added a second account named "Ville" as one of my users wants to be able to administer that site. So, I can do this the easy way and just chown their domains folder under the ville user, they have permission to do whatever they need be and so forth. However, let's say I want to also give the admin user access to the files (modifying and all) .. how can I put both users into the same group and give them both permission?
I've tried doing: sudo usermod -a -G admin ville To add the ville into the admin group, but ville still cannot edit files by admin. Permissions for the primary directory for the ville user are read/write for both owner and group, and the current group for the files is admin:admin .. But ville still can't write into the directory. So, what should I be doing here to get this right and secure at the same time?
Did a fresh install of Maverick, all is well but if I insert a video DVD, it won't play. But if I open Movie Player, etc. as root, I can play the individual chapters - that is I need to manually choose which chapter to play, it won't start at the beginning and play to the end. Have installed libdvdcss3, restricted extras, etc. I am a member of the "video" group.Data & music CD's work fine in the drive; data DVD's are fine also. Just no DVD playing with me as the user; nor does the DVD appear in my Places menu, etc
this costed me a whole day of trying and retrying. I set up a small home server with apache, php, and mysql.
System infos: Linux 2.6.31-22-generic-pae Ubuntu 9.10 Karmic Server edition Apache/2.2.12 (Ubuntu)
Until now, it served happily a couple of sites, with no problems. But now, I wanted to set up my ftp server to point to the same directory as one of the sites, for me to be able to upload and manage files via ftp. As a server I normally use proftpd. With my usual config, proftpd runs with its own user and simulates the user ftpuser:ftpgroup when creating files. So I just changed all the files to be owned by this user and group. Permissions set to 770.
Everything works fine, and I'm able to access the data via ftp. BUT, when I try to browse my site the usual way (i.e. point firefox to its address) a 403 forbidden error is issued. Of course, you will say: you didn't allow access to apache. Well, I remembered that right away, and added the user www-data to the ftpgroup user. Now I espect apache to be able to read and serve the files.
Still same problem. 403. The apache error log is full with "permission denied" errors. After many attempts, I logged in as the user www-data, and tested access to the files. This way I'm able to cd into the directory, and read-write the files with nano. As a test, I tryed the other way around. Setting www-data:www-data as the owner of the files, and adding the ftpuser to the www-data group. This way apache works, but proftpd does not. Most probably it has something to do with a misunderstanding of groups permissions or the way this two deamons access the files.
I had the "set-cap" exception problem, so when the fix was released, I updated. Since then, the ubuntuone-preferences dialog will not start or work. I tried the me bar, the system menu, and the CLI.Now, I bought some music the first day the store opened and it downloaded fine. Then yesterday I bought another album and the store hangs on "downloading the files." Six hours later, it still won't move.
It gets weirder. The music store says its trying to download a couple of tracks from the first album (even though they are already downloaded), the second album shows up as downloaded under the Web UI, but doesn't show up at all on my desktop .ubuntuone folder.I've tried the IRC a couple of times, with no response. (In fairness, it may have been bad timing, I'm in New York) I don't mind trying to sort this out myself, but I'd just like some more hints. I've looked at the syncd log and found the exception, but I don't know how else to restart the syncd. At the same time, my files *are* synching, and *one* of my address books is synching (my gmail account contacts aren't). I know this is alot at once, but I'm afraid of dividing the problem and missing something.
A colleague of mine has a Linux box (running Debian I believe) with an SVN repository on it. The repository directory and files 'owner' is my colleauge. We are both members of a group called 'users'. He manages several projects both Linux and Windows apps, while I have one Windows app. For the Windows apps, we both use TortoiseSVN via an SSH link to commit/update. Performing the command 'ls -l' shows the repository files and folders on the Linux box to have the following permissions:
-rwxrwx--- john users
However, when my colleauge commits to the repository, the permissions change to:
-rwxrwx--- john john
This then means I get 'Permission denied' when trying to access the repository myself as it appears that the group permissions have been overwritten with only 'owner' permissions. To fix this, a 'chown -R' command is applied to the files/folders to set the permissions back to owner/group, but each time he writes to the repository, the issue repeats.
I'm studying Linux and just started reading about permissions and ownership. My question is how would you have multiple users or groups given access to a certain directory? When doing an ls -l I see the owner, group and others that have permissions that have access to the file or directory. But what if I need multiple different groups access to a particular file or directory all with different permissions?
Im trying to change a group to have read write and execute permissions on everything in the system through command prompt, some people told me to edit the /etc/group file but i don't have a file that exists there under that name, but the group does already exist, i just don't know where its located. Anyone have a clue where i can check or what to do ?
I was about to post a new thread and saw that there are several answers out here already and I have done the new group permission one on my server -- actually on my test server I just added "my user" to the group "root" to gain rw access to /var/www/htdocs/.Someone suggested that the proper way might be to do symlinks to the directory in a real production environment and I wanted to find out if that is the *best* way to go or whether to actually make a group "www_admin" (pick your favorite flavor of this) and add my users to that group?
I guess I am looking for the "best practice" in a real corporate production environment that is most secure.