Re: User groups


<snip>
> The advantage of the per-user matching group is that it makes group
> collaboration very easy. When you work with others, sharing files, you
> often have a shared area (the "project" directory at my workplace) where
> the files are group owned by a group for the project and the setgid bit
> is on all the directories so new files acquire that group for sharing
> purposes. Naturally, doing group work one's umask should be 007 or
> 002 (depending on security environment - we do 002 at work).  _BUT_,
> how to ensure that personal files (made elsewhere, eg your $HOME dir)
> are private by default, and _without_ just putting 700 mode on $HOME,
> because we have a fairly open culture at work. It would be nice to not
> have to remember to hack your umask when switching to/from group work.
> 
You can set the shared directory to be owned by user nobody and group
"Shared", then run chmod 2770 on the directory. Any files created or put
in that directory will then be owned by the person that put it there and
the group "Shared", so then all other members of that group will have
read write access. The only problem you will have is if you use Nautilus,
which seems to ignore the SGID bit; Konqueror has no issues and neither
does the command line. Haven't tested over Samba here.

Dennis

> And thus the per-user group. If my umask is 007, and I work in the group area
> then group access is fine for them. If I do that in $HOME, then
> 
> 	- with an (empty) per-user group my files are private because
> 	  I'm the only member of the group
> 
> 	- without such (eg with a "users" group) if one forgets to close
> 	  the umask back down to 027 or 077 then my files are WIDE OPEN
> 	  to everyone in the "users" group, usually NOT what I want
> 
> | My question is, can I delete the user groups that have the same name as
> | users?  Thanks in advance. 
> 
> Yep. Adjust the users' primary groups to match of course.
> 
> But don't bother. It costs you nothing to have these groups and may one day
> benefit you.
> 
> Cheers,
> -- 
> Cameron Simpson, DoD#743        cs@zip.com.au    http://www.zip.com.au/~cs/
> 
> Dawn, V8, miles, breakfast, miles, gas, miles, miles, gas, miles,
> miles, milkshake, miles, shop, miles, park, M and G, happy hour,
> freeze-dried dinner, journals, bunk, dawn, miles, miles, ...
> 	Bruce W. Robinson <BRUCE_W_ROBINSON@CCM.JF.INTEL.COM>
-- 
Dennis Gilmore <dennis@dgilmore.net>

Attachment: signature.asc
Description: This is a digitally signed message part
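
As an added example (not part of either poster's message), this shell sketch reproduces the behaviour discussed in the thread: a chmod 2770 setgid directory, and what umask 007 versus 077 produces inside and outside it. The helper names and temp paths are hypothetical; Linux setgid-directory semantics and `stat -c` are assumed.

```shell
#!/bin/sh
# Added example: all directories are constructed under a temp dir.
# Assumes Linux setgid-directory semantics and GNU/busybox `stat -c`.

mode_of()  { stat -c '%a' "$1"; }   # octal permission bits, e.g. 2770
group_of() { stat -c '%g' "$1"; }   # numeric group id of the path

# make_shared DIR [GROUP]: setgid, group-only directory as in the reply.
# GROUP is optional so the sketch runs unprivileged; with root you would
# also chown the directory to nobody, as the message suggests.
make_shared() {
    mkdir -p "$1" || return 1
    if [ -n "${2:-}" ]; then chgrp "$2" "$1" || return 1; fi
    chmod 2770 "$1"
}

# Create a file or directory under a given umask in a subshell, so the
# caller's own umask is never changed.
create_with_umask() { ( umask "$1" && : > "$2" ); }
mkdir_with_umask()  { ( umask "$1" && mkdir "$2" ); }

# report PATH: one line with mode and gid, for eyeballing or logging.
report() { printf '%s mode=%s gid=%s\n' "$1" "$(mode_of "$1")" "$(group_of "$1")"; }

demo() {
    base=$(mktemp -d) || return 1
    make_shared "$base/project"
    create_with_umask 007 "$base/project/shared.txt"  # group work: 660
    mkdir_with_umask  007 "$base/project/sub"         # inherits setgid: 2770
    mkdir "$base/home"
    create_with_umask 007 "$base/home/forgot.txt"     # 660: open to the file's group
    create_with_umask 077 "$base/home/private.txt"    # 600: private whatever the group
    for p in project project/shared.txt project/sub \
             home/forgot.txt home/private.txt; do
        report "$base/$p"
    done
    rm -rf "$base"
}

demo
```

Whether the 660 file under `home` is actually exposed depends on who belongs to its group: nobody else with a per-user group, everyone with a common "users" group.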

