Managing group permissions

Remillard · Posted: Mon Jul 26, 2004 7:50 pm Post subject: Managing group permissions

Hello,

I can't believe I can't figure out what's wrong with this setup, but it's got me stumped.

I have a partition mounted as /media off the root. The purpose of this is to store mp3, avi, etc. Basically huge stuff that I don't want backed up when I do regular user backups. I would like all users to be able to read and execute content here, but only members of group media to be able to write.

So, I created 'media' with groupadd. Success.
I added myself to the group line in /etc/group. Success.
As root I chgrp'd all files and directories for /media to group 'media'.

Okay, at this point we have:
In /:
drwxrwxrwx 6 root media 120 Jul 26 12:21 media
In /media:
drwxrwxr-x 2 root media 768 Apr 6 22:50 iso
drwxrwxr-x 3 root media 72 Apr 6 22:42 movies
drwxrwxr-x 41 root media 1288 Jun 27 14:17 mp3

In /media, as myself, I can create files ('touch test') and they appear. In mp3, iso, and movies I CANNOT create files ('touch test' returns "Permission denied"). As far as I can tell, the only reason I can touch a file in /media is because it has others+write on it. I'm not certain why I cannot write.

In group, I have:
media:x:408:mnorton

In gshadow, I have:
media:!::

If as myself I run 'newgrp media' it asks me for a password. I never set up a password for this group.

Is there something additional I need to do to create a group? I thought I had all these filesystem and permissions things down cold years ago, but I admit I've not played with groups much.

Regards,
Remillard
_________________
This signature is printed with 100% post-consumer recycled electrons.

ctford0 · Posted: Mon Jul 26, 2004 7:58 pm Post subject:

you created the group but now you need to add yourself to the group...

thats done with usermod. Be very careful because you can easily eliminate all of your group memberships

Rav70 · l33t Joined: 11 Feb 2004 Posts: 607 Location: Poland

Remillard · Posted: Mon Jul 26, 2004 8:30 pm Post subject:

zimzum · n00b Joined: 26 Jul 2004 Posts: 14

grep username /etc/group

^--complete list of group memberships

ctford0 · Posted: Tue Jul 27, 2004 12:05 pm Post subject:

seeing what groups you belong to is uber easy....

Remillard · Posted: Tue Jul 27, 2004 5:36 pm Post subject:

Yeah, logging out was the crucial trick. Thanks all!
_________________
This signature is printed with 100% post-consumer recycled electrons.

Reformist · Guru Joined: 06 Oct 2002 Posts: 323

That's great, but sometimes I'm fiddling with my groups in X and don't want to have to log out of X to register the changes.

If I switch to the cmdline via Ctrl + Alt + Fkey, and log in there, the changes to /etc/group registers. If I simply open a new term in X, the changes do not register.

Is there anyway to force the group file to be reread without logging out of X? I understand the effects don't propogate to other terminals, I just want to force the update in one terminal so that I can make sure I have the setup right.

newgrp [groupname] prompts me for a password when I run it, and I haven't set a password on certain group names, so I'm not sure what's supposed to be entered there.
_________________
-Phil Crosby