this post was submitted on 13 May 2024
10 points (100.0% liked)

linux4noobs

1422 readers
9 users here now

linux4noobs


Noob Friendly, Expert Enabling

Whether you're a seasoned pro or the noobiest of noobs, you've found the right place for Linux support and information. With a dedication to supporting free and open source software, this community aims to ensure Linux fits your needs and works for you. From troubleshooting to tutorials, practical tips, news and more, all aspects of Linux are warmly welcomed. Join a community of like-minded enthusiasts and professionals driving Linux's ongoing evolution.


Seeking Support?

Community Rules

founded 1 year ago
MODERATORS
 

Hello I am seeking a simple solution to running a list of "chown -R" " commands in script.sh

It takes a long time to sequentially execute all of these chown commands recursively because the directories have so many files. I want to be able to tackle the root level directories in parallel to speed things up. I imagine there must be a simple way to do this while keeping the list of commands in a single file. xargs and some of the other things I saw online looked like bad fits or would be over engineering this problem.

you are viewing a single comment's thread
view the rest of the comments
[–] nottelling 5 points 7 months ago (1 children)

If you have multiple users writing to a directory, you should be relying on groups, permissions, and sgid and not care who the owner is.

[–] [email protected] 1 points 7 months ago (2 children)

But what if user A in a new group creates dir "abc" - will dir "abc" automatically be set to the correct group? I would think the group permission would be just like the user permission, not set until manually set.

[–] [email protected] 2 points 7 months ago (1 children)

Yeah since I learned on Windows servers for 20 years, I'm struggling on permissions and groups in Linux in general.

In Windows it's as easy as enabling 'children inherit parent' and then the users can go and create whatever and if they can write, they'll write it with inherited from the parent permissions. If you change a folder deeper, you can unlink inheritance from the parent and then it could also optionally be the new parent for all children permissions.

I tried a couple of times to do this in Linux and I've always struggled due to my own lack of knowledge and understanding. I feel reading it I keep coming to the wrong conclusion too perhaps based on my experience and bias in reading it.

Anyway I know it's not helpful but I feel the struggle.

[–] [email protected] 2 points 7 months ago

Thanks for chiming in, im glad its not just me. I feel like i have a much stronger understanding on things more complicated tham groups! That makes it feel worse

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (1 children)

I don't really understand your use case.

It sounds like you have multiple users creating files in a directory, and some users are creating them with more-restrictive permissions than you want -- like, you want to force them to make their stuff accessible by everyone else -- and you're trying to avoid that by regularly modifying all the permissions?

If you set the sgid bit on the parent directory, then by default, things created in that directory will inherit the group of the parent directory.

But a user can still change permissions so that that isn't the case.

It's possible that you could use ACLs or something like that to address your problem, but I don't know what it is that you're trying to achieve.

[–] [email protected] 1 points 7 months ago (1 children)

What you proposed with sgid sounds like it might be what i need. All of the users are controlled my me, it's just when they connect to the smb share of the main system from other devices, i figured it was good security to use an account that is separate from my main account on the system, so they can't access the entire system or execute sudo commands

[–] [email protected] 1 points 7 months ago

it’s just when they connect to the smb share of the main system from other devices,

If this is specific to a Samba server, it looks like you can set it to use whatever uid/gid you want.

https://unix.stackexchange.com/questions/530038/remap-uid-in-samba-share