How do I give all the permissions to a file for a single user that's not me?
13,287
Solution 1
You need to find a group that only you and that user is part of, and give correct permission to the group, not the world.
Could be easier with access control lists, if available.
Solution 2
If you own the file, setfacl -m u:otheruser:rwx filename
If not, or if your filesystem doesn't support extended acls, I'm afraid you're out of luck.
Author by
The Student
My main interests: Object Oriented Programming (mainly Java, Python and C++) Mobile development (Android and iOS) Artificial Neural Networks Philosophy
Updated on September 18, 2022Comments
-
The Student over 1 year
When I want to grant access to another user to my file, I use
chmod 777 file, but if I want to be sure I'm granting permission just for that user, how can I do it?-- update
The file is owned by "root", so it's mine if I access it with
sudo, I suppose (or maybe I'm confused.. please correct me).I want to share a folder called
/Datain the root. The other user I want to share it is the root of an embedded system, which I'm accessing with telnet and NFS.The files inside
/Dataare generated by me, and every time I generate them, I have to use the commandchmod 777 /Dataso I can access them from the embedded system.I'm using Ubuntu in my computer, and a compiled-here-linux in the embedded system.
-
Alen Milakovic about 13 years@Tom: Please give more details. Is this a file owned by you? Where on the computer system is it located? Is the other user on the same system? Also, some more details about the use case would be helpful. If you just want to share a file with another person without anyone else being able to access it, there are variety of options, including pgp/gpg encryption. The traditional Unix permission model is a bit restricive, but you might want to consider acl if you are using Linux. What OS are you using?
-
sakisk about 13 yearsSince you are root (mentioned in a comment below), can't you just use the user's name? For example
chown bob file. Or if you want both the owner and the groupchown bob.users file. -
The Student about 13 years@Faheem Mitha please, see my update
-
Alen Milakovic about 13 years@Tom: Doing anything as root, unless absolutely necessary, is a really, really, bad idea. This is usually one of the first things one learns about unix, sometimes the hard way. Unless you really need to be root to access the files, don't do it as root (or sudo, which is equivalent). If you want to restrict permissions, there are better, safer ways to do it.
-
Alen Milakovic about 13 years@Tom: I'm not sure if I understood the entire issue correctly, but if you want to share files between users, and want to be able to override the umask, acl is a reasonable way to go. This does assume the users you are sharing among are on the same system. acl is a linux extension of the basic unix permissions system.
-
The Student about 13 years@faif @Faheem Mitha I know that the way I'm doing is not the better way. So, what's the better way? How do I give all the permissions to a file for a single user that's not me (in the better way possible)?
-
Alen Milakovic about 13 years@Tom: Sit down and read a tutorial on acl, and see if it works for you. but clarify first, is this for users on the same system?
-
The Student about 13 years@Faheem Mitha: not. It's one user in a Ubuntu system (in a pc), and another in a embedded system.
-
The Student about 13 years@Faheem Mitha: I'll read about ACL, thanks
-
Alen Milakovic about 13 years@Tom: acl might not work for you then.
-
gabe. about 13 years@Tom: So, basically what you are doing is creating a file on your local system as root, then attempting to access that file via NFS from your embedded system, also as root (I just want to make sure I am correctly understanding your problem)? What happens when you do this, w/out doing anything else? Do you get an error message? Can you please post that in your question? There is no reason what you are trying to do should not work. Thanks!
-
-
The Student about 13 yearsCan't I give the user name for the chmod?
-
Michael Mrozek about 13 years@Tom
chmodchanges the file mode bits; they don't have that kind of flexibility. You set read/write/execute for the owner, people in the owner's group, and everyone; that's it. If you need something more you should look into access control lists -
l0b0 about 13 yearsYou can use this to figure out which groups you both belong to:
wdiff -t <(groups $USER) <(groups other_user) -
The Student about 13 yearsI'm out of luck, there's no
setfaclcommand. -
Alen Milakovic about 13 years@Tom:
apt-get install aclor similar. -
The Student about 13 yearsSo, if we both don't belong to a common group, how can I make us part of a same group? (I have access to both users here)
-
The Student about 13 yearsthe user name in the other machine (an embedded system) is "root", so I tried with
sudo setfacl -m u:root:rwx /Databut I gotsetfacl: /Data: Operation not supported -
The Student about 13 yearsThe file is mine, in my root user, of my computer. So it should work with
sudo.. -
Alen Milakovic about 13 years@Tom: You need to mount your partition(s) with support for acl. See the docs.
-
Shadur about 13 years@tom @faheem This may involve updating the filesystem to allow acls - if you're on an ext2/ext3/ext4 filesystem,
tune2fs -o acl <filesystem>where<filesystem>is the filesystem mounted to /Data as described by themountanddfcommand. -
gabe. about 13 yearsWhy should ACL's be needed in this case?
-
André Paramés about 13 years@Tom:
groupadd GROUPNAMEto create the group, thenusermod -a -G GROUPNAME USERNAMEto add a user to the group. I also recommend reading the man pages of both commands. -
André Paramés about 13 years@gabe: standard UNIX file permissions only have bits for the file owning user, file owning group and 'others'. If you want something more specific, you need ACLs.
-
Shadur about 13 years@tom There's also the problem that the 'root' user is explicitly treated differently via NFS -- IIRC NFS maps root over to nobody before it checks access rights.
-
gabe. about 13 years@Shadur: That's a problem that is easy to override w/in your NFS exports file.
-
Shadur about 13 years@gabe Easy, yes. Wise, not necessarily...
