8

Is there any way to force a file, created within a directory, to inherit ownership from the parent directory? I tried the sticky bit, but that doesn't seem to work.

Example of what I'm looking for:

drwxrwxr-x www-data somegroup parentdir

When parentdir/newfile.htm is created by someuser:

-rwxrwxr-x www-data somegroup newfile.htm

NOT

-rwxr-xr-x someuser somegroup newfile.htm

Any way this can be done? Thank you!

Sergiy Kolodyazhnyy
S. Wyatt Young

2 Answers

6

Linux has something known as Access Control List (ACL). This is a way to extend standard Unix permissions and fine-tune them. One of the advantages is that it does have inheritance. What could be done has been referenced by a related post on Server Fault, and in your particular case:

sudo setfacl -Rdm g:somegroup:rwx /path/to/parent

As for forcing the files to be owned by the same user, it has been discussed in Getting new files to inherit group permissions on Linux; however, forcing the same owner on each file is far more troublesome than forcing the file to have the same group ownership, as done via setfacl. If the group has exactly the same permissions as the owner, there's no point in forcing the same ownership. Of course, you could always use inotifywait and trigger chown upon file creation, but that's pointless since group ownership already gives you control over the file.

See also:

Sergiy Kolodyazhnyy
  • OP has abandoned **Ask Ubuntu** and no answers with upvotes on this question. So +1 not just for a good answer but also to prevent the software from bumping this to the home page for infinity :) – WinEunuuchs2Unix Jan 01 '19 at 05:04
  • @WinEunuuchs2Unix Yeah, it's an abandoned question, but it might be useful to some :) Thanks, btw – Sergiy Kolodyazhnyy Jan 01 '19 at 05:06
  • I guess what I meant to say is OP won't accept answer nor upvote it. Happy New Year in CO in one hour 51 minutes BTW :) – WinEunuuchs2Unix Jan 01 '19 at 05:08
  • @WinEunuuchs2Unix Happy New Year to you, too! It's actually going to be in 1 hour and 51 minutes or so - it's 10:14 pm here. Eh, OP doesn't need to accept - if others find it useful, it's enough for me :) – Sergiy Kolodyazhnyy Jan 01 '19 at 05:14
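What a new file actually inherits on Linux, as an added example that is not part of the original answers: the owner is always the creating user, the group follows the directory once the setgid bit is set, and the default ACL from the answer above grants the group rwx on new entries. The function names are hypothetical, `stat -c` assumes GNU coreutils, and the `chmod g+s` step is an addition to the answer's `setfacl` command.

```shell
#!/bin/sh
# Added example (not from the original answers). Function names are hypothetical.
# Assumes GNU coreutils (stat -c); setfacl is used only when it is installed.

# share_dir DIR GROUP: new files in DIR get GROUP and group rwx.
share_dir() {
    chgrp "$2" "$1" || return 1
    # setgid on a directory: new entries take the directory's group.
    chmod g+rwx,g+s "$1" || return 1
    # Default ACL, as in the answer: inherited by entries created later.
    if command -v setfacl >/dev/null 2>&1; then
        setfacl -d -m "g:$2:rwx" "$1" 2>/dev/null ||
            echo "note: filesystem does not accept ACLs, setgid only" >&2
    fi
    return 0
}

# new_file_ids DIR: create a probe file in DIR, print its "uid gid", remove it.
new_file_ids() {
    probe="$1/.inherit-probe.$$"
    : > "$probe" || return 1
    stat -c '%u %g' "$probe"
    rm -f "$probe"
}

# inherits_group DIR: succeed only if a new file lands in DIR's group.
inherits_group() {
    ids=$(new_file_ids "$1") || return 1
    [ "${ids#* }" = "$(stat -c '%g' "$1")" ]
}

# Demo on a throwaway directory, using the caller's own primary group.
demo_dir=$(mktemp -d) || exit 1
share_dir "$demo_dir" "$(id -g)"
echo "directory uid/gid: $(stat -c '%u %g' "$demo_dir")"
echo "new file uid/gid:  $(new_file_ids "$demo_dir")  (uid is always the creator's)"
inherits_group "$demo_dir" && echo "group is inherited from the directory"
rm -rf "$demo_dir"
```

On a real shared directory, call `share_dir /path/to/parent somegroup` as a user allowed to change that directory's group, then run `inherits_group` as each user who will write there.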
0

Your problem (it's not really a problem) arises in two parts, as I understand from you.

First you want to give ownership of files created by a user in that directory directly to the apache user www-data. This can't be done that way.

In real life, you can't give something to your friend if he doesn't want it!!

Same thing here, you can't give the ownership to some user without his permission.

So how to solve this here:

You still need to do a chown:

sudo chown www-data newfile.htm

The other thing needed is to change the permissions of a file so that it inherits the permissions of the parent directory.

This is not a good habit, since a directory normally has the execute permission x to make cd into it possible. But x on a normal file makes it executable, and as those files, as you mentioned, are owned by www-data, this also gets you in trouble with a huge security threat, so my advice: don't do it.

But anyway, if you still want to try, take a look at these two questions:

https://superuser.com/questions/264383/how-to-set-file-permissions-so-that-new-files-inherit-same-permissions

https://superuser.com/questions/151911/how-to-make-new-file-permission-inherit-from-the-parent-directory

Maythux
  • Not what I'm looking for. I'm looking to avoid changing permissions manually. Also, while HTML files don't need executability, scripts do. I might just be running scripts. :) – S. Wyatt Young May 22 '15 at 22:55
  • “You problem (it's not really a problem)” — I do have a problem that could be solved by forcing a file owner for each file created in a directory. You just don't get the full picture of what I'm trying to do, your lack of imagination should not be an excuse to judge whether or not people's problems are real. – alexpirine Aug 23 '22 at 22:12