keep file permissions for new files in Linux - linux

I need that the user tom can write/delete current log files and also log files created in the future by the user owner from the directory for in the path:
/one/two/three/for/.
The directory /for/ had these permissions:
drwxr-xr-x 3 owner owner 12288 Feb 27 10:17 for
The user tom belongs to the group owner.
I changed the permissions of the for directory with
chmod -R g+w for/*
so now i have
drwxrwxr-x 3 owner owner 12288 Feb 27 11:17 for
and the files inside the for directory have these permissions (664):
-rw-rw-r-- 1 owner owner 2028593 Feb 28 2018 file
but after the creation of a new file it has still the old permissions (644):
-rw-r--r-- 1 owner owner 2028593 Feb 28 2018 newfile
Do you know the way to keep these permissions?
Thanks

I used root user but I found that I can delete it with the user tom. I didn't try it before. So it's solved.
It inherits the permissions from the directory.
Thank you

Related

Cron files /etc/at.allow and /etc/cron.allow files, root permission abnormal behaviour?

In my open vpn server, i am ensuring cron file permission to be only accessable from root user.
I have removed the at.deny and cron.deny files and have created at.allow and cron.allow and 0600 permissions are applied for files, both files are empty and file permissions are as below, which clearly says root has read and write access.
-rw------- 1 root root 0 Jul 21 08:40 cron.allow
-rw------- 1 root root 0 Jul 21 08:40 at.allow
however this change allows my openvpnas user to still list the crontab and even allows to edit cron.
openvpnas#openvpnas2:~$ crontab -l
no crontab for openvpnas
Where as when the file permissions are as below,
-rw-r--r-- 1 root root 0 Jul 21 08:41 cron.allow
-rw-r--r-- 1 root root 0 Jul 21 08:41 at.allow
It restricts my non root users to access or edit cron files! This issue is only with one of my server, where as other server permissions and behaviours are as expected,
openvpnas#openvpnas2:~$ crontab -l
You (openvpnas) are not allowed to use this program (crontab)
See crontab(1) for more information
Please provide your inputs on this, this has kept me blocked from continuing my work.
This issue i faced was in Ubuntu 18.04 instance,
Current /usr/bin/crontab permission was as below,
-rwxr-sr-x 1 root crontab 39352 Nov 16 2017 /usr/bin/crontab
Had to change the group user from crontab to root and file permission to as below,
sudo chmod 4755 /usr/bin/crontab
sudo chown root:root /usr/bin/crontab
-rwsr-xr-x 1 root root 39352 Nov 16 2017 /usr/bin/crontab
This permission restricts the non-root user to schedule cronjobs. The access can be allowed to non-root users by adding the user names in cron.allow file.
openvpnas#openvpnas2:~$ crontab -l
You (openvpnas) are not allowed to use this program (crontab)
See crontab(1) for more information

file owner can not change ownership in Linux

In Linux, I am the owner of a file, then I tried to change owner to another account, failed. Operation not permitted. Do you know why ? I am the user 'BBB'. Thanks
-bash-4.1$ ls -al
drwxrwxrwx 2 AAA games 4096 Nov 23 14:39 .
drwxr-xr-x 3 AAA games 4096 Nov 23 14:36 ..
-rw-r--r-- 1 BBB esmgroup 16798 Nov 23 14:38 XXX-1.0-SNAPSHOT.jar
-bash-4.1$ chown AAA:games ./*.jar
chown: changing ownership of `./XXX-1.0-SNAPSHOT.jar': Operation not permitted
Only root can change the owner on the file. That's final.
You can do that by login to root using su or use sudo before your command.
More information here: https://unix.stackexchange.com/questions/27350/why-cant-a-normal-user-chown-a-file
You can change the file's group if you're in more than one group.
You should login to root account to be granted to change ownership to any user
You can type sudo before the command and then login to your root user

Deleting a directory as a non-owner of the directory

I have a directory with full permissions with root as owner. What I want is to be able to remove it as a normal user. However, i am not allowed to do so:
radu#Workstation:/tmp$ ls -l | grep cucu
drwxrwxrwx 2 root root 4096 oct 20 10:28 cucu
radu#Workstation:/tmp$ ls -la cucu
total 52
drwxrwxrwx 2 root root 4096 oct 20 10:28 .
drwxrwxrwt 66 root root 45056 oct 20 10:28 ..
radu#Workstation:/tmp$ rm -r cucu
rm: cannot remove 'cucu': Operation not permitted
What do I not get right?
Removing a directory (or a file) consists in deleting its entry into its containing directory, so to remove cucu you need permissions on its parent; alas access rights are rwxrwxrwt, and the t means removal authorized for owner only, as the owner is root, only root can remove cucu.
Sticky bit is set , so only owner can remove the directory.
This is because only root has the permission to remove directory, as you can see
drwxrwxrwx 2 root root 4096 oct 20 10:28 cucu
From your root, change the Permission of directory using chown. For example-
chown radu cucu
Check this out for more info on chown command on linux.
http://www.thegeekstuff.com/2012/06/chown-examples

How to give permissions to other user after logging as root in Linux?

I am a linux newbie and I have a very basic question. I have one machine which is machineA and I have a root access to that machine.
Now I need to create these below two directories and give permissions to app user.
Create ZooKeeper Data directory and give permissions to app : /opt/zookeeper/data
Create ZooKeeper Log directory and give permissions to app : /opt/zookeeper/log
I have already created those directories in /opt folder by logging as root -
root#machineA:/opt# ls -lt
drwxr-xr-x 4 root root 4096 Dec 17 13:46 zookeeper
root#machineA:/opt/zookeeper# ls -lt
drwxr-xr-x 2 root root 4096 Dec 17 13:46 log
drwxr-xr-x 2 root root 4096 Dec 17 13:45 data
Now I am not sure how to give permissions to app user as mentioned above? I believe this is pretty easy question but I am not sure how to do that?
Any thoughts?
Here you go:
chown -R app /opt/zookeeper
This will change owner of the /opt/zookeeper directory and all its subdirectories to app.
Use chown to change the owner of a file (or directory):
chown app log data

Change user and group of files

I want to know is it possible to change the files user and group to same as user and group of the parent automatically.
For eg. Existing issue
getfacl /home/Test/UPS/
getfacl: Removing leading '/' from absolute path names
# file: home/Test/UPS
# owner: user1
# group: basegroup
user::rwx
group::r-x
other::r-x
ls -l /home/Test/UPS/
-rw-r--r-- 1 user1 basegroup 1450 Jul 12 11:54 file.edi
ls -l /home/Test/UPS/
-rw-r--r-- 1 user2 group2 1450 Jul 12 11:54 file.edi
my group2 is part of basegroup
I want files with permission as below automatically whenever file comes into /home/Test/UPS/ directory.
ls -l /home/Test/UPS/
-rw-r--r-- 1 user1 basegroup 1450 Jul 12 11:54 file.edi
Please help...
I know you can use force group and force user for samba mounted directories, but am not aware of any way of automatically overriding user and group in local directories

Resources