Problems with file ownership in a linux group - linux

I have an ubuntu ec2 server.
I have a user, ubuntu created by aws for which I have the ssh key.
I have a team of 4 developers who have their own users and separate keys. Lets call them dev1, dev2, dev3, dev4.
Now I created a group called devs in which I added all 4 developer users. dev1 - dev4.
Problem I am facing is when dev1 upload/create a file via ftp on server machine, dev2 is not able to edit the file or upload another version of same file created by dev1, even though they are in same group, because its ownership lies with dev1.
How can I solve this problem. I want everyone in my group devs to be able to modify add or create files, in my /var/www/html/ folder, regardless of who created that file.
Can I give group ownership in linux be default? As far as I know ownership can always be with users not the group. Is there a simple and straightforward solution to this?
group structure -
You can see 4 users in group devs

The steps that you have to follow are:
Create the group:
sudo groupadd devs
Create the users:
sudo useradd dev1
sudo useradd dev2
sudo useradd dev3
sudo useradd dev4
Set a password for the users:
sudo passwd dev1
sudo passwd dev2
sudo passwd dev3
sudo passwd dev4
Insert the users in the "devs" group:
sudo usermod -a -G devs dev1
sudo usermod -a -G devs dev2
sudo usermod -a -G devs dev3
sudo usermod -a -G devs dev4
Check that the interested folder (/var/www/html) has the right permissions.
For example, I created 2 users (dev1 and dev2) for a test and inserted them in the group "devs". I created a file with the user "dev2".
These are the permissions:
rw-rw-r-- 1 dev2 devs 10 Sep 6 20:46 test.txt
The owner is "dev2" but the group is "devs". The permissions in my file for the group are "rw" (read/write) so, all the members of the group can read/write.
For more info about the linux file permissions: https://www.linux.com/learn/understanding-linux-file-permissions

Related

Unable to run Docker commands without sudo user in Ubuntu 16.04

I am trying to run Docker commands without sudo user, but they are giving me below error:
I following the steps provided online:
Created the docker group --> sudo groupadd docker
Add user to the docker group --> sudo usermod -aG docker $USER
restarted VM --> newgrp docker
sudo setfacl -m user:$USER:rw /var/run/docker.sock
restarted docker:
sudo systemctl daemon-reload`
sudo systemctl restart docker
I also tried modifying the visudo file and added my user privileges as below:
sudo visudo
anand ALL=(ALL:ALL) ALL
anand ALL=(ALL) NOPASSWD: ALL
I even tried changing the owner of my /var/run/docker.sock file to my user. It was with root initially
srw-rw---- 1 root docker 0 Aug 2 12:37 /var/run/docker.sock
I changed owner to below:
srw-rw---- 1 anand anand 0 Aug 2 12:37 /var/run/docker.sock
Finally none of the options seem to work. Kindly suggest some options to fix this issue.
First, you need to check if your user (or user that you want to use with docker) is in docker group. For that, just run this command:
id -nG
If it says that user is in the docker group, then try again running this command if you want to add an active user:
sudo usermod -aG docker ${USER}
or run this if you want to add some other user:
sudo usermod -aG docker other_username
After you add a user to the group, you need to logout and then login again to apply new group changes.

Linux, execute operations that needs superuser privilege with Electronjs - Nodejs

Sorry but I don't know much about linux and i always developped in other environments, I made a cross-platform application with electronJS and i need to create a directory with that code
let staticPath = "/opt/pcapp/resources/monitor";
if (!fs.existsSync(staticPath)) {
fs.mkdirSync(staticPath);
}
In Windows and Mac it works like a charm but on Linux - Ubuntu I installed the app and i get this error due to the required superuser rights.
The users who are going to deal with the application will not have superuser privilege
Now i would like to know if there is a way to grant permission to create, update and delete some files and directory in the Application working directory /opt/pcapp/resources/monitor without SUDO or other stuff.
You have two options I can think of.
1) ACLs which will take a bit of a learning curve.
2) Simple permissions and groups which can be done quite easily.
I created a group mygroup and added a couple of users to it.
# groupadd mygroup
# usermod -G mygroup user1
# usermod -G mygroup user2
I then change the permissions and group on the folder you want the users to have access to:
# chmod 02770 /opt/pcapp/resourcees/monitor
# chgrp mygroup /opt/pcapp/resourcees/monitor
You should now see the following:
# ls -ld /opt/pcapp/resourcees/monitor
drwxrws---. 4 root mygroup 4096 Dec 6 17:23 /opt/pcapp/resourcees/monitor
Now any new file created in the folder will have a group mygroup. You will have to change existing files and folders.
As user2
$ touch /opt/pcapp/resourcees/monitor/testfile1
$ ls -ld /opt/pcapp/resourcees/monitor/testfile1
-rw-rw-r--. 1 user2 mygroup 0 Dec 6 17:29 /opt/pcapp/resourcees/monitor/testfile1
As user1
$ rm -v /opt/pcapp/resourcees/monitor/testfile1
removed ‘/opt/pcapp/resourcees/monitor/testfile1’
If this isn't granular enough, read about Linux ACLs.
Hope this helps.

When I(root) excute "usermod -G sudo chauncey",it say that "sudo group doesn't exist"

OS: CentOS 7. When I (root) execute the command below, it says that "sudo" group cannot be found.
[root#localhost etc]# usermod -G sudo chauncey
usermod:“sudo” group doesn't exits
I also check file in /etc/group, and "sudo" doesn't exists in it. So, how can I create a "sudo" group correctly?
In centos, you adduser to wheel group instead of sudo.
usermod - aG wheel username
Sudo is not directly a group. The groups/users having sudoer rights are defined in a configuration file that you can access using sudo visudo. Check out this file to find out how it is configured on your system. Here is a good introduction https://www.garron.me/en/linux/visudo-command-sudoers-file-sudo-default-editor.html.
In your case, you have different ways to give sudo rights to chauncey.
find the group(s) having sudo rights in the sudoers file and add chauncey to one of these groups. For example, say you have this line in sudoers:
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
then, add chauncey to admin with sudo usermod -a -G admin chauncey.
create a new sudo group (sudo groupadd sudo) and add this lines (sudo visudo). Then once again add chauncey to the group
# the 'sudo' group has all the sudo privileges
%sudo ALL=(ALL:ALL) ALL
set a special rule for this user in the sudoers file using the following (note that there is no %, which is used to denote a group):
chauncey ALL=(ALL:ALL) ALL
Note that for all the rules I mentioned, I used the default ALL everywhere. The first one is the user(s) allowed, the second one is the host, the third one is the user as you are running the command and the last one is the commands allowed. You can tune your rules if ALL is too broad for your usecase.

Linux Ubuntu 14.04.1 File Permissions

im really new to Linux permissions so I would appreciate help with this simple query.
Ubuntu 14.04.1
I have 2 users root and user1
I have a directory /var/www/html/gallery
The directory is empty
I would like to create a new group add root and user1 to that group and make that group have read, write and delete permissions(FULL PERMISSIONS), to the directory, /var/www/html/gallery
Can someone please help me ?
Thank you.
Root is usually not added to any group because root is allowed to do everything he or she wants.
So you have multiple options now:
1) you don't create a group and give the permissons to user1 (simplest solution)
chown -R user1:user1 /var/www/html/gallery
chmod -R 700 /var/www/html/gallery
2) you create the group anyways and just add one user. that just makes sense when you want to add some more users to the group later
you can use acl for permissions,
sudo apt-get install acl
sudo groupadd connoisseurs
sudo usermod -a -G connoisseurs Teddy
sudo setfacl -m g:connoisseurs:rwx /var/www/html/gallery
you can vary permissions with r,w,x combinations.

Cannot access the shared folder in Virtual Box

I have problem with accessing the shared folder.
My host OS is Windows 7 Enterprise Edition SP1, and the guest OS is Ubuntu Linux 10.04 Desktop Version. I'm using Virtual Box 4.2.10, and I have installed VBox guest add-on and Oracle VM VirtualBox Extension Pack.
When I put commend:
mat#mat-desktop:~$ cd /media/sf_MAT/
bash: cd: /media/sf_MAT/: Permission denied
again with sudo:
sudo cd /media/sf_MAT/
sudo: cd: command not found
What could be the solution?
The issue is that your user "mat" is not in the same group as "vboxsf". This group "vboxsf" is the group which has read/write permissions to that folder. Also the root has permission to that folder because its in the group "vboxsf".
What you need is to add your user "mat" to the same group. Start your terminal and write the following line:
sudo usermod -aG vboxsf mat
sudo - because you need root permission
usermod - the command to change the user properties
-a means append to the group
-G means you will supply the group name now
vboxsf is the group name that you want your user to be in
mat is your username
A reboot, or a logout, may be required for changes to take affect.
After this operation you can verify that your user is indeed in the vboxsf group by doing this:
cat /etc/group | grep "vboxsf"
you will see your username there.
Now you shall be able to access that folder. If any issue, just comment here and I will tell you alternative methods.
Also, if all of this sounds too geeky, you can do the same thing using the graphical tools. One guide is here http://www.howtogeek.com/75705/access-shared-folders-in-a-virtualbox-ubuntu-11.04-virtual-machine/
Also, in new virtual box - 4.3.20 I guess, they have this new feature of drag and drop where you can just drag files and folders to your virtual machine just by dragging. Isn't that nice. :)
Open your Virtual Machine's Terminal. Type sudo su then enter your password.
Write the following commands
sudo usermod -a -G vboxsf your_account_name
sudo chown -R your_account_name:users /media/your_share_folder_name/
Example sudo usermod -a -G vboxsf mat
Example sudo chown -R mat:users /media/sf_MAT/
Now reboot your Virtual Machine and check the shared folder again
I have this problem to. The problem seems to be with your user account not having permission to use the folders. The only solution I have is to enter root using the su command. You can then read, write, and navigate freely. You might have to set a root password first using sudo passwd root.
Reason : sudo cd will not work as sudo works on program and not command. cd is an inbuilt command.
Soluiton: try sudo -i ..this will elevate you to super user.
Now you will be logged in as root and use any command you wish
eg.
sudo -i
cd folder/path
use exit to return back to normal user.
You only need to follow these steps:
in the terminal execute:
sudo adduser yourUserName vboxsf
enter your root password, expect the following message:
Adding user `yourUserName' to group `vboxsf' ...
Adding user yourUserName group vboxsf
Done.
Log out and back in.
You now can access your shared folders (with the limitations you set for them via VirtualBox)
For all other just add new optical drive in storage(Via setting) and add ISO manually(It is inside installed directory) in Host OS. Now click on mounted drive and install in Guest OS.
Reboot enjoy

Resources