Give write permissions to multiple users on a folder in Ubuntu
Solution 1
There are two ways to do this: set the directory to "world" writable or create a new group for the two users and make the directory writeable to that group.
Obviously making it world writeable is a Bad Thing, so the second option is preferable.
Users in Linux can belong to more than one group. In this case you want to create a brand new group, let's call it tomandruser:
sudo groupadd tomandruser
Now that the group exists, add the two users to it:
sudo usermod -a -G tomandruser tomcat6
sudo usermod -a -G tomandruser ruser
Now all that's left is to set the permissions on the directory:
sudo chgrp -R tomandruser /path/to/the/directory
sudo chmod -R 770 /path/to/the/directory
Now only members of the tomandruser group can read, write, or execute anything within the directory. Note the -R argument to the chmod and chgrp commands: this tells them to recurse into every sub directory of the target directory and modify every file and directory it finds.
You may also want to change 770 to something like 774 if you want others to be able to read the files, 775 if you want others to read and execute the files, etc. Group assignment changes won't take effect until the users log out and back in.
If you also want (you probably do) that new files created inside the directory by one of the users are automaticaly writable by others in the group, then see here.
Solution 2
Following script shows an example to give r (read) / w (write) / x (execute) permission to the given folder path /path/to/the/directory for USER1 and USER2. If you want to give only write access please replace rwx with w.
#!/bin/bash
# Block others and people in the same group to do `r/w/x` on the give folder:
sudo chmod 700 /path/to/the/directory
# Give read/write/execute access to USER1 on give folder:
sudo setfacl -R -m user:USER1:rwx /path/to/the/directory
# Give read/write/execute access to USER2 on give folder:
sudo setfacl -R -m user:USER2:rwx /path/to/the/directory
Solution 3
Opinionated anwer:
- I like to put my shared folder in a central place. Not in someone else's homefolder, but
/srv/commonor even (for ruthlessly short paths...)/repoor similar. - define a new group (typically for all local users, that you want to join in. However not some technical users like
wwwuser, unless there's a valid reason) -
rootis good to have as a member, also to have a neutral owner of that shared folder -
setGid is very important, such that new files do become common group membership, thus
frank:common, notfrank:frank
sudo groupadd -f common
usermod -aG common root
usermod -aG common frank
usermod -aG common mike
# sort of hack for instant group refresh w/o logout
# superuser.com/a/345051
su - frank
# sanity test1:
cat etc/group | grep common
common:x:1008:root,frank,mike
# sanity test2:
groups
frank adm cdrom ... common
sudo chown root:common /repo
# (if you have shareable stuff setting somewhere else,
# copy it to here now)
# no right to the world, the right rights to user and group
chmod -R ug+rwXs,o-rwx $dest
# why uppercase X ? → unix.stackexchange.com/a/416885
# why s ? → superuser.com/a/277785
# as there is no such thing as an uppercase S (directories only)
# settings the s attribute on preexisting content would have to happen
# like so:
# find /repo -type d -exec chmod g+s {} \\\;
Related videos on Youtube
13 : 30
10 : 27
02 : 42
20 : 28
06 : 19
TheVillageIdiot
Updated on September 18, 2022Comments
-
TheVillageIdiot over 1 year
There is a folder that is owned by user tomcat6:
drwxr-xr-x 2 tomcat6 tomcat6 69632 2011-05-06 03:43 documentI want to allow another user (ruser) write permissions on document folder. The two users (tomcat6 and ruser) does not belong to same group. I have tried using
setfacl:sudo setfacl -m u:ruser:rwx documentbut this gives me
setfacl: document: Operation not supportederror. Kindly help me. -
swapnilsarwe over 11 yearsworks like a charm
-
Marcello Nuccio over 11 yearsYou probably want to also set the set-group-ID flag for directories, to make new files and sub-directories automatically owned by the right group:
sudo find /path/to/the/directory -type d -exec chmod 2770 '{}' \; -
Christian over 11 yearsI'd avoid using chmod 770, 775 or whatever. That messes with the permissions of all files. Instead use something like
chmod -R g+wto add write permissions without mucking up everything else. -
Olexa almost 11 yearsIf a user creates a new file there (say, mysql bySELECT INTO OUTFILE), it sets permissions to its primary group (mysqlin this case), and the file is not accessible by another user anyway. How to workaround this? -
Olexa almost 11 yearsFound an answer for my question here: superuser.com/a/19333/171762
-
Jürgen Paul almost 11 yearsDoes-R 770change permission for all subdirectories AND FILES in that directory? -
Andrew Lambert almost 11 years@WearetheWorld Yes.
-
codecowboy about 10 yearsWhat if you want to grant users write access to a folder without changing the folder's ownership e.g. you don't want to mess with apache's permissions on a public_html folder?
-
rno over 8 yearsI would not mess around with set-group-ID flag with chmod 2770 UNLESS you are 100% user you know what that does and what you are trying to do!
-
Vladimir Vukanac over 8 yearsNote: "Group assignment changes won't take effect until the users log out and back in." I have missed that :) -
ComputerScientist over 4 yearsWhat happens if the file was originally owned by
rootinstead oftomcat6? -
PredatorX over 3 yearsI saw in some Linux documents Linux group, such as Debian 10 has limitation and more than 16 users can't add to a group, if we will add more than 16 it is possible by your answer?
-
Don't Panic almost 3 years@leonbloy the question you link to in your edit describes how to use setgid to make sure new files created inside the dir are owned by the group. It does not show how to make them "automaticaly writable by others in the group" - or am I missing something?
