Main Menu
PHP Tools
PHP Help Request
PHP Editors Newsletter
Editor Search
Reviewed PHP Editors
Latest News
Submit News
PHP Tutorials
PHP Book Reviews
Online Book Chapters
PHP Games

Forums
RSS 2.0
PHP Desktop Editors
Other PHP Tools
PHP Contests
PHP Programming Help
Linux Help
Apache Help
MySQL Help
PHP Games
PHP Jobs
PHP Forums Home

Programming Contest
PHP Contests
PHP Contests Archive

Documentation
PHP Manual
PEAR Manual
PHP-GTK Manual
Smarty Manual
PostgreSQL Manual
CSS 2 Reference
Redhat Linux 9
HTML 4.01
Apache 2 Manual

Partner Sites
Ajax Tutorials
Webmaster Resources
Web Templates
PHP Scripts
PHP Code Examples
Learn PHP playing Trivia
PHP & MySQL Forums
Web Development Index
web site templates

Sponsors

NuSphere



All Red Hat Linux documents are copyrighted to Red Hat Inc.

Red Hat Linux 9: Red Hat Linux Reference Guide
PrevChapter 6. Users and GroupsNext

6.4. User Private Groups

Red Hat Linux uses a user private group (UPG) scheme, which makes UNIX groups easier to manage.

A UPG is created whenever a new user is added to the system. A UPG has the same name as the user for which it was created and that user is the only member of the UPG.

UPGs makes it is safe to set default permissions for a newly created file or directory which allow both the user and that user's group to make modifications to the file or directory.

The setting which determines what permissions are applied to a newly created file or directory is called a umask and is configured in the /etc/bashrc file. Traditionally, on UNIX systems the umask is set to 022, which allows only the user who created the file or directory to make modifications. Under this scheme, all other users, including members of the creator's group are not allowed to make any modifications. However, under the UPG scheme, this "group protection" is not necessary since every user has their own private group.

6.4.1. Group Directories

Many IT organizations like to create a group for each major project and then assign people to the group if they need to access that project's files. Using this traditional scheme, managing files has been difficult because when someone creates a file, it is associated with the primary group to which they belong. When a single person works on multiple projects, it is difficult to associate the right files with the right group. Using the UPG scheme, however, groups are automatically assigned to files created within a directory with the setgid bit set, which makes managing group projects that share a common directory very simple.

Lets say, for example, that a group of people work on files in the /usr/lib/emacs/site-lisp/ directory. Some people are trusted to modify the directory but certainly not everyone. So first create an emacs group, as in the following command: 

/usr/sbin/groupadd emacs

In order to associate the contents of the directory with the emacs group, type: 

chown -R root.emacs /usr/lib/emacs/site-lisp

Now, it is possible to add the proper users to the group with the gpasswd command: 

/usr/bin/gpasswd -a <username> emacs

Allow the users to actually create files in the directory with the following command: 

chmod 775 /usr/lib/emacs/site-lisp

When a user creates a new file, it is assigned the group of the user's default private group. Next, set the setgid bit, which assigns everything created in the directory the same group permission as the directory itself (emacs). Use the following command: 

chmod 2775 /usr/lib/emacs/site-lisp

At this point, because each user's default umask is 002, all members of the emacs group can create and edit files in the /usr/lib/emacs/site-lisp/ directory without the administrator having to change file permissions every time users write new files.

PrevHomeNext
Standard GroupsUpShadow Passwords
© Copyright 2003-2023 www.php-editors.com. The ultimate PHP Editor and PHP IDE site.