First of all, thanks for reading. I've had success running a plist launchd job that is in my LaunchAgents folder. It basically calls a small shell script that chmod's a folder's permissions. I then have another job that calls another script that changes it back to what it was before.
Now, I'm trying to figure out how to chmod a folder/file permissions for a particular group. I realize that every folder/file has an owner that belongs to a group. Yes, but how do I explicitly give permissions to another group of users through a shell script? Is this possible? I have also been reading about ACL's, is this the route I should go?
My script is simple now:
chmod -R 777 <FOLDERNAME>
then back:
chmod -R 000 <FOLDERNAME>
Running this while logged in as the administrator.
But I'd like to grant access for another group, in theory:
chmod -R 777 <FOLDERNAME> <GROUPNAME>
<– yup, this is what I'm thinking
Best Answer
You need ACLs. First of all, your filesystem must be mounted with that option. You can remount it with that option with:
If you want this option static (available after each reboot):
The important part here, is ",acl" in the options column. Everything else you can ignore.
The you need to install
acl
package, and usesetfacl
. To set defaults for a directory (every new file and subdir created will have those acls):You should now, set permissions on this directory (yes, just strip -d option):
NOTICE that if there are any contents in this directory, permissions MUST be explicitly set. You could use find to set up permissions correctly (remember, directories must have read and execute access for people to access/list them). For a start on that subject, find ./ -type d give you subdirectories in current location and the following will setup default permissions for each one of this:
<acl>
should be the desired acl\{} \;
is an escape sequence for find.If you want to check permissions inherited by created files and directories, use
getfacl
You could also use the -R|--recursive switch, but that would mess up with files and directories permissions.