title: setgid and sharing files link: https://onemoretech.wordpress.com/2009/01/19/setgid-and-sharing-files/ author: lembobro description: post_id: 396 created: 2009/01/19 18:59:10 created_gmt: 2009/01/19 18:59:10 comment_status: open post_name: setgid-and-sharing-files status: publish post_type: post

setgid and sharing files

This article is about one use for the mysterious setgid bit. The procedures described here have been tested on Solaris and Linux. For more information take a look at this old Linux Journal article, and the most excellent chmod man page over at FreeBSD.org.

Back at the shop I have several little scripts (all around 1,000 lines excluding auxiliary modules) that process files uploaded to the server via ftp. The ftp upload is done under one of a number of shell accounts, and the files are processed under another account. Each account has its own personal group as well. As part of my process I copy the file from the ftp user directory and into the processing user directory. I then need to rename the original file in the user directory.

So for example userA uploads his file, userAfeed.txt, to his home directory on the server, /home/userA. Then I get importUser to copy that file from /home/userA to /home/importUser. Finally, importUser does a move operation on userAfeed.txt to rename it to userAfeed.txt.0119091342 or something like that.

The key to making this work is for userAfeed.txt to be writable by importUser. I do this by giving importUser’s group ownership over /home/userA. Let’s give it the name importGroup. This involves a simple chown userA:importGroup /home/userA. Then I need to set the permissions so that the group has read, write, execute with the sticky bit enabled. That takes a chmod g+rwxs /home/userA. To setgid on a directory where the group already has read, write and execute all you need to do is chmod g+s [directory].

Copyright 2004-2019 Phil Lembo