Skip to main content
knackforge blog knowledge base

Setup Default Group & Permissions for new files created under a specific directory [Debian/Ubuntu]

Say you have a directory that you want to share with multiple people with group-rw permissions and want to preserve this for newer files created on that directory.

The following quick steps could help you do that.

Let's assume your shared directory is: "/var/www/"

Step 1:

Install "acl" package (if not already installed)

sudo apt-get install acl

Step 2:

Enable "acl" option for the partition that contains the folder. Edit /etc/fstab and ensure that your partition has "acl" as one of the options.

If your /etc/fstab line reads like this

    "/dev/sda2    /    auto    defaults,nobootwait    0    2"

it should now read like this

    "/dev/sda2    /    auto    defaults,nobootwait,acl    0    2"

Now, re-mount your partition:

    "sudo mount -o remount /"

(You could check if the option is set right by using command: "mount | grep acl")

Step 3:

Create the group to share & add users to the group (you could skip this step if you already have groups & users setup)

    "sudo addgroup developer" (I'm creating a group: developer)

    "sudo adduser {your user} developer" (add user = {your user} to the group "devloper") -- repeat this for all your users.   

Step 4:

Set ACL for the folder:

    sudo setfacl -d -m "u:nobody:rwx,g:developer:rwx,o::r-x" -R /var/www/

    (this means.. you don't have any preference for the "user" a new file will be owned by -- defaults to the actual user creating the file, but the user's permissions given - rwx will be applied; group will be forced to "developer" with all permissions for the group; other users will just have read & execute permissions).

In case you already have contents in the folder, you could use this to change existing file's permissions to make it sharable within the group:

    "sudo chgrp developer -R /var/www/"

    "sudo chmod g+rwsx -R /var/www/"

 

Try creating new files under /var/www/ and let me know through your comments if you find any issues :)