David Christensen wrote: > On 11/10/2013 09:46 AM, Hans wrote: > >Wouldn't it be much easier to define a group, give the partition or directory > >this group write permission and put all users, which are allowed to write > >(and > >trusted) into this group? > > It's been a while, but I've done that. I seem to recall that the > key was to set the SETGID bit on all the directories.
+1 :-) Because the set-gid bit means that when new files are created that they will be created with the same group as the directory. So with that any new files will be of the correct group. This feature originated with BSD. But in BSD it is the default behavior regardless of the set-gid bit. In BSD you always get that behavior. (AFAIK. It has been a while since I have been on a BSD system.) When it was ported back to AT&T Unix they made it selectable by using the g+s bit. That allowed SysV Unix to preserve the previous behavior and optionally enable the BSD behavior. POSIX then standardized the existing behavior. Since SysV had the most flexible interface and was more of the basis of POSIX than anything else that is the way POSIX standardized it. And Linux generally tries to be POSIX standard and so Linux follows SysV with this behavior of the set-gid bit behavior. Bob
signature.asc
Description: Digital signature
