Shared Folder with chmod SetGID

How do you share a folder in Linux? Especially, how can you get write permission to files other users have created?
You should know command line before starting with this article. Knowing the basics of chmod (or see ‘man chmod’) wouldn’t hurt either.

The problem

It’s not enough to just create a new folder with correct group and rwx permissions. The newly created files under it will have the default group of the user who created them. Thus, other users won’t be able to modify them.
Of course, you must not create a folder writable to everyone  (others), as this would be insecure as even daemons could write the folder then.
How do make the new files keep the same group as parent folder then?

Set Group ID – the Solution

$ mkdir foo
$ chmod g+s foo/  # Set Group ID. Magic happens here!
$ sudo chown .botbook foo

We created a new folder. Using chmod, we set the SetGID aka set group id bit.
SetGID means: All files and folders created under foo/ will:

  • Have the same owning group “botbook”.
  • Will have SetGID set
$ ls -l
drwxrws--- 2 tero botbook 4096 2011-04-12 10:37 foo

Notice the “s” in group permissions, in place of group “x”. That’s the SetGID bit.
We have set the owning group of the file to “botbook”. SetGID just keeps the group in created files, we also have to have correct group in this folder.

Testing

$ touch foo/bar
$ ls -l foo/bar
-rw-rw---- 1 tee botbook 0 2011-04-12 10:39 foo/bar

We created a new file. Permissions come from ‘umask’, but they are usually correct. As we can see, the new file ‘bar’ has the same group as parent folder, “botbook”.
Well done. Now you can create those shared folders easily.

Administrivia

Tested on Ubuntu Linux 10.04 LTS 64 bit on 2011-04-12. Group inheritage with SetGID is not determined by POSIX standard, so it will probably only work with modern Linuxes and other systems with GNU Coreutils.

See also

Command line basics
man chmod
GNU CoreUtils: 27.4 Directories and the Set-User-ID and Set-Group-ID Bits
Edit: Fixed typo

Posted in Uncategorized | Tagged , , , , | 2 Comments

2 Responses to Shared Folder with chmod SetGID

  1. Siang Chuen says:

    Can the same apply to user level, rather than group as in your example?