[SOLVED] File permissions - how to make data available to all users

[CaptainKirk]

I am having problems with file permissions for other users on my system.

In particular, I have a subdirectory (with many sub-subdirectories) /Photos which contains our collection of digital photos.
Other users complained they couldn't edit photos in these directories, so I granted permission for all users to read and write:

sudo chmod -R 777 /Photos/

and right enough, other users could edit, read and write the pictures. However, if another user edited a picture and saved the edit, the new copy had read/write permissions only for the other user, and not me. If I put a new picture in the directory, only I have permissions for it; if the other user puts in a new photo, the permissions apply only to the other user.

I can of course keep re-doing the chmod command every time someone does an edit or introduces new material, but is there some way the chmod command can be applied to future files, as well as the ones that are already there?

[Head_on_a_Stick]

You can make the directory owned by a new custom group (called photo in this example) and then allow writing by group members and apply the setgid bit by running these commands as root:

Code: Select all

groupadd photo
chgrp -R photo /Photos
chmod -R g+ws /Photos

Next add your users to the photo group (replace $user with the actual user name):

Code: Select all

sudo gpasswd -a $user photo

And finally change the umask for each user by creating a file at ~/.xsessionrc with this content:

Code: Select all

umask 002

That should allow all users in the photo group to edit any files in /Photos that are owned by any other members of the photo group.

[dolphin_oracle]

I believe all users are in the "users" group too already, so that could be used potentially right out of the box.

[CaptainKirk]

Thank you for all your helpful replies. I have created the group "photos" as suggested and will try to populate the folders with new fiolders tomorrow.

[CaptainKirk]

Thank you for your help. I'm marking this [SOLVED}

[boldstripe]

This is a valuable solution, I have had this problem sharing files between two users on a single machine on MacOS many times over the years, sometimes giving up and 'sharing' through Dropbox on the same machine just to get this kind of access. MacOS and Linux have the same issue.

I just wanted to note here that I was also able to use this solution on a ZFS dataset that I wanted to share between MacOS and MX Linux machines on a dual-boot Mac Pro 2008. I had already created the group `zfsusers` with the same ID number (1200) on both platforms; my user number was 505 on MacOS and 1000 on MX Linux, but I found that that discrepancy is OK if my user is also a member of the same-named, same-numbered group `zfsuser` on both sides and if, as this hint allows, my user always has read-write group access to the dataset (folder) on both sides.

On the MacOS side, I created, and added my user to, the `zfsuser` group at 1200, in the System Preferences>Users & Groups panel. Then I used a Mac-specific command to set the umask for read-write permissions (in my case substituted 002 for *nnn*)

Code: Select all

sudo launchctl config system umask *nnn*

The groupadd, chgrp and chmod commands on MacOS were the same as given above on Linux.

I had to reboot on either side before this worked. I set up on Linux first, then MacOS, and for some reason I felt I had to repeat the setup back on Linux. The arrangement *seems* to be working as I expect:
- I can make a NewFile.txt in a NewFolder on Linux and then open, edit and save it back onto itself later in MacOS
- I can make a NewFile.txt in a NewFolder on MacOS and then open, edit and save it back onto itself later in Linux

I got the MacOS commands from this Apple support page: https://support.apple.com/en-us/HT201684