We had a case where we wanted two different applications (run by different users) to be able to read and write from the same file system.
This is how we solved this problem:
- Create a group which these users will belong to : groupadd <GroupName>
- Edit user1 and user2 to be a member of this group: usermod -a -G <GroupName> user1 & usermod -a -G <GroupName> user2
- Create a shared directory. In our case, it had to be the document root for an Apache site. Thus we chose the location <Shared_Folder>
- Now we need to change the group of this folder : chgrp -R <GroupName> <Shared_Folder>
- We’ll also need to grant the group write access on this folder : chmod g+w <Shared_Folder>
- Now we’ll need to set the GroupID flag on this folder. For a directory, the set-groupID flag means that all files created inside that directory will inherit the group of the directory. Without this flag, a file takes on the primary group of the user creating the file. This property is important to people trying to maintain a directory as group accessible. The subdirectories also inherit the set-groupID property. (http://www.dartmouth.edu/~rc/help/faq/permissions.html)
- Now in your .bashrc / .bash_profile, set the umask as 002. Setting this umask ensures that all the newly created files by this user will have the permission “rw-rw-r”. Thus giving the group write permission.
Now when either of the users create any file in the <Shared_Folder>, all the users of this group will have the read/write permissions on that file. Not only this, these permissions will be on the subfolders and the files with-in that folder as well.
But, if any of these users create a file outside the <Shared_Folder>, the primary group of that file/folder will be the same as the primary group of that user. Thus files/folder only in the <Shared_Folder> are shared between these users.
This is just one of the many great abilities that Linux provides.
Hope this saves you some time.
Your feedback and suggestions are welcome.
Regards
~~Himanshu Seth~~
http://www.IntelliGrape.com
