adding a secondary group doesnt seem to work

adding a secondary group doesnt seem to work

Post by ktgf » Wed, 30 Nov 2005 00:08:18



I have a directory  owned by root:other
I want a user to be able to create files in it. The use is already on the
serve
The user has group GDOC which has number 104
The entry in /etc/group file is :-
GDOC::104:
Now I  edit the /etc/group file to add 104 to the entry for other
ie
OTHER::1:104

For some reason it doesnt seem ot allow me write access.
If I create a new group and a new user and do the same thing then it works
without any problem and I  can create file in the directory.

George

 
 
 

adding a secondary group doesnt seem to work

Post by Roger Gustavsso » Wed, 30 Nov 2005 00:35:26



> I have a directory  owned by root:other
> I want a user to be able to create files in it. The use is already on the
> serve
> The user has group GDOC which has number 104
> The entry in /etc/group file is :-
> GDOC::104:
> Now I  edit the /etc/group file to add 104 to the entry for other
> ie
> OTHER::1:104

> For some reason it doesnt seem ot allow me write access.
> If I create a new group and a new user and do the same thing then it works
> without any problem and I  can create file in the directory.

Have you logged out the user and logged in again? The current
login shell process doesn't know about the change you just did
to groupmemebership. The process has to be restarted, ie logout/
login.

/Roger

--
Roger Gustavsson
roger.gustavsson (_at_) teliasonera.com

 
 
 

adding a secondary group doesnt seem to work

Post by ktgf » Wed, 30 Nov 2005 00:56:36


Yes , I did log in again . NOw the user george , which I thought worked
doesnt.
Here is some more  detail

 ls -l

drwxrwxr-x   3 root     other        512 Nov 28 10:51 confcoll

#cd confcoll
#pwd
/opt/Data/uk/confcoll
#su george
#pwd
/opt/Data/uk/confcoll

#touch testfile
#touch: testfile cannot create

----------
# cat /etc/group
root::0:root
other::1:109,104
bin::2:root,bin,daemon
sys::3:root,bin,sys,adm
adm::4:root,adm,daemon
tempman::108:
george::109:other
GEorge
Download this a

 
 
 

adding a secondary group doesnt seem to work

Post by ktgf » Wed, 30 Nov 2005 01:06:55


The blinding light has dawned.   On the ser ver which worked I created a
group whaich had the same name as the user, and I added this groupname to
the end of the entry for other. That confused me with username and
groupname.
Of course I should have added the USRERNAME and not the GROUPNAME to the
entry for other.

Thanks

G


Quote:> Yes , I did log in again . NOw the user george , which I thought worked
> doesnt.
> Here is some more  detail

>  ls -l

> drwxrwxr-x   3 root     other        512 Nov 28 10:51 confcoll

> #cd confcoll
> #pwd
> /opt/Data/uk/confcoll
> #su george
> #pwd
> /opt/Data/uk/confcoll

> #touch testfile
> #touch: testfile cannot create

> ----------
> # cat /etc/group
> root::0:root
> other::1:109,104
> bin::2:root,bin,daemon
> sys::3:root,bin,sys,adm
> adm::4:root,adm,daemon
> tempman::108:
> george::109:other
> GEorge
> Download this a

 
 
 

adding a secondary group doesnt seem to work

Post by Oscar del Ri » Wed, 30 Nov 2005 01:28:13



> The user has group GDOC which has number 104
> The entry in /etc/group file is :-
> GDOC::104:
> Now I  edit the /etc/group file to add 104 to the entry for other
> ie
> OTHER::1:104

man group

    The group file contains a  one-line  entry  for  each  group
    recognized by the system, of the form:

           groupname:password:gid:user-list

    user-list  A comma-separated list of users allowed in the group.

So make that

other::1:username

 
 
 

adding a secondary group doesnt seem to work

Post by Birr » Fri, 02 Dec 2005 01:20:06



Quote:> I have a directory  owned by root:other
> I want a user to be able to create files in it. The use is already on the
> serve
> The user has group GDOC which has number 104
> The entry in /etc/group file is :-
> GDOC::104:
> Now I  edit the /etc/group file to add 104 to the entry for other
> ie
> OTHER::1:104

> For some reason it doesnt seem ot allow me write access.
> If I create a new group and a new user and do the same thing then it works
> without any problem and I  can create file in the directory.

> George

 setfacl -m group:GDOC:rwx,mask:rwx  directory
or
 setfacl -m user:The_user:rwx,mask:rwx  directory
(you can't add a group to a group)

ls -ld directory will now show a + at the end of permissions,
to see them, use getfacl directory

/birre