Grant permission for new created files inside folder automatically

15,825

What you want is called ACL - Access Control Lists.

Access Control List (ACL) provides an additional, more flexible permission mechanism for file systems. It is designed to assist with UNIX file permissions. ACL allows you to give permissions for any user or group to any disc resource.

The acl package should already be installed; to check, run: dpkg -s acl.

To use ACLs you should enable them for your filesystem, but they may already be enabled. To check, use tune2fs -l. Replace /dev/sda6 with the device on your system:

$ tune2fs -l /dev/sda6 | grep "Default mount options:"
Default mount options:    user_xattr acl

If you see the word acl, it is already enabled for device /dev/sda6.

If you don't see the word acl, run tune2fs -o acl /dev/sda6 to enable it.


To modify an ACL, use the setfacl command. To add permissions, use setfacl -m.

To set permission for user:

$ setfacl -m "u:username:rwx" /path/to/folder

This will set an rwx ACL for user username on /path/to/folder. This means that all files created in this folder will have rwx permission for username.


To set permission for group:

$ setfacl -m "g:groupname:rwx" /path/to/folder

This will set an rwx ACL for group groupname on /path/to/folder. This means that all files created in this folder will have rwx permission for group groupname.


To set permission for other:

$ setfacl -m "o:rwx" /path/to/folder

This will set an rwx ACL for other on /path/to/folder. This means that all files created in this folder will have rwx permission for other.


To check permission:

$ getfacl /path/to/folder

To combine ACLs:

$ setfacl -m u:username:rwx,g:groupname:rwx,o:rwx /path/to/folder

Default ACL

 The new object inherits the default ACL of the containing directory as its
 access ACL.

 If no default ACL is associated with a directory, the mode parameter to the functions
 creating file objects and the file creation mask (see umask(2)) are used to
 determine the ACL of the new object:

 The new object is assigned an access ACL containing entries of tag types
 ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER. The permissions of these entries
 are set to the permissions specified by the file creation mask.

So if you set a default ACL, it will be the preferred ACL. That means that if you set an ACL for a user or group, a newly created file will inherit the default ACL anyway. Be careful with the default ACL.

To set a default ACL, use the -d key:

$ setfacl -d -m u::rwx,g::rwx,o::rwx /path/to/folder

or use the word default:

$ setfacl -m default:u::rwx,default:g::rwx,default:o::rwx /path/to/folder

Be careful when setting a default ACL. For example, if you set it like this:

$ setfacl -d -m o:--x /path/to/folder

and then fetch this ACL:

$ getfacl /path/to/folder
# file: path/to/folder
# owner: c0rp
# group: c0rp
user::rwx
group::rwx
other::--x
default:user::rwx
default:group::rwx
default:other::--x

the default ACL for group and user will be rwx automatically!

Remove ACL

$ setfacl -b /path/to/folder

This will remove all ACLs from the folder.


Finally

If you are the only user on the system, I recommend using a default ACL.

$ setfacl -d -m u::rwx,g::rwx,o::rwx /path/to/folder

This will do what you want for /path/to/folder.

Sources

archlinux - https://wiki.archlinux.org/index.php/Access_Control_Lists

help.ubuntu - https://help.ubuntu.com/community/FilePermissionsACLs
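
The creation rules quoted from acl(5) under "Default ACL" above, worked through as an added example that is not part of the original answer: a POSIX sh model of the access ACL a new file receives with and without a default ACL on the parent directory. The function names are hypothetical, entries must be given in short form (u::rwx, g:name:r-x, m::rwx, o::---), and the step that limits inherited entries by the creating program's mode comes from acl(5) itself, not from the excerpt above.

```sh
# Added example (not from the original answer): models the acl(5) rules for the
# access ACL of a newly created file. All function names are hypothetical.
perm_bits() (                      # "r-x" -> 5
  n=0
  case $1 in *r*) n=$((n | 4)) ;; esac
  case $1 in *w*) n=$((n | 2)) ;; esac
  case $1 in *x*) n=$((n | 1)) ;; esac
  printf '%s\n' "$n"
)

perm_str() (                       # 5 -> "r-x"
  s=
  for pair in 4:r 2:w 1:x; do
    if [ $(( $1 & ${pair%:*} )) -ne 0 ]; then s=$s${pair#*:}; else s=$s-; fi
  done
  printf '%s\n' "$s"
)

# new_object_acl DEFAULT_ACL MODE UMASK
#   DEFAULT_ACL  parent directory's default entries, e.g. u::rwx,g::r-x,o::---
#                (include m:: when named entries exist); "" when there is none
#   MODE, UMASK  octal mode passed by the creating program, and its umask
new_object_acl() (
  dacl=$1 mode=$((0$2)) um=$((0$3)) out=
  if [ -z "$dacl" ]; then
    # No default ACL: MODE filtered by the umask, as with plain permissions.
    m=$((mode & ~um))
    printf 'u::%s,g::%s,o::%s\n' "$(perm_str $((m >> 6 & 7)))" \
      "$(perm_str $((m >> 3 & 7)))" "$(perm_str $((m & 7)))"
  else
    # Default ACL: inherited as the access ACL; the umask is not applied. MODE
    # limits u::, o:: and the group-class entry (m:: if present, else g::).
    IFS=,
    for e in $dacl; do
      tag=${e%%:*} rest=${e#*:}
      name=${rest%%:*} p=$(perm_bits "${rest#*:}")
      case "$tag:$name" in
        u:) p=$((p & (mode >> 6) & 7)) ;;
        o:) p=$((p & mode & 7)) ;;
        m:) p=$((p & (mode >> 3) & 7)) ;;
        g:) case ",$dacl" in *,m::*) ;; *) p=$((p & (mode >> 3) & 7)) ;; esac ;;
      esac
      out="$out${out:+,}$tag:$name:$(perm_str "$p")"
    done
    printf '%s\n' "$out"
  fi
)

new_object_acl "" 0666 0022                       # no default ACL
new_object_acl "u::rwx,g::rwx,o::rwx" 0666 0022   # default ACL from the answer
```

With the default ACL u::rwx,g::rwx,o::rwx, a program that creates a file with mode 0644 still ends up with rw-r--r--, while a file created with mode 0666 becomes world-writable regardless of the umask.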

Author by

Ibrahim

beginner!

Updated on September 18, 2022

Comments

  • Ibrahim
    Ibrahim over 1 year

    I have a folder whose permission is set to 777, but when I add any files or folders by unzipping in that folder, the extracted files' or folders' permissions never change. The destination folder permission is 777 and I want whatever I add to that folder to automatically get permission 777.

    When I add any files or folders by extracting a .zip in that folder, the extracted folder/file permissions won't change automatically. I always have to chmod the newly added file/folder!

    • Ibrahim
      Ibrahim almost 10 years
      @Hennes, thanks for mentioning umask, I didn't know much about that. After your comments, I searched Google and learned more about it. By that, I have solved my problem partially though.
  • Ibrahim
    Ibrahim almost 10 years
    Well, this is an awesome and complete answer! Thank you @c0rp