We had a case where we wanted two different applications (run by different users) to be able to read and write from the same file system.
This is how we solved this problem:
- Create a group which these users will belong to :[shell]groupadd GROUP_NAME[/shell]
- Edit user1 and user2 to be a member of this group:[shell]
usermod -a -G GROUP_NAME user1 ;
usermod -a -G GROUP_NAME user2;
- Create a shared directory. In our case, it had to be the document root for an Apache site. Thus we chose the location SHARED_FOLDER
- Now we need to change the group of this folder :[bash]chgrp -R GROUP_NAME SHARED_FOLDER [/bash]
- We’ll also need to grant the group write access on this folder :[bash]chmod g+w SHARED_FOLDER [/bash]
- Now we’ll need to set the GroupID flag on this folder. For a directory, the set-groupID flag means that all files created inside that directory will inherit the group of the directory. Without this flag, a file takes on the primary group of the user creating the file. This property is important to people trying to maintain a directory as group accessible. The subdirectories also inherit the set-groupID property. (http://www.dartmouth.edu/~rc/help/faq/permissions.html).[bash]chmod +s SHARED_FOLDER[/bash]
- Now in your .bashrc / .bash_profile, set the umask as 002. Setting this umask ensures that all the newly created files by this user will have the permission “rw-rw-r”. Thus giving the group write permission.: [bash] umask 002 [/bash]
Now when either of the users create any file in the SHARED_FOLDER, all the users of this group will have the read/write permissions on that file. Not only this, these permissions will be on the subfolders and the files with-in that folder as well.
But, if any of these users create a file outside the SHARED_FOLDER, the primary group of that file/folder will be the same as the primary group of that user. Thus files/folder only in the SHARED_FOLDER are shared between these users.
This is just one of the many great abilities that Linux provides.
Hope this saves you some time.
Your feedback and suggestions are welcome.