- Create a file as a different user and group
- How to make files created in a directory owned by directory group?
- How to view files, created by Linux and programs in /tmp directory? [duplicate]
- How do you list all files created by the user after a clean install?
- Setting default permissions for newly created files and sub-directories under a directory in Linux?
Create a file as a different user and group
I have a bash script that has to rsync to download files writing them locally, and then needs to set the owner to apache, and the group to a particular user group (that apache is not a member of). Is there a way to create those files with those ownerships as they’re being written by the rsync process, without having to go through and change them after the fact using chown? There are so many files that the time it takes to go through them later is prohibitive. I have to do this for multiple user groups, so I shouldn’t be adding apache to these groups, and certainly can’t make all of them the default group.

In other words: is there a way root can create a file as user X and group Y when X is not a member of Y?

I’ve tried using runuser, but I’m unable to set the group (presumably because apache doesn’t belong to the group). I know you can use chmod to change permissions and add any user/group combination. What I’m asking is if there is a way to open a file for writing and use any user/group combo while creating it.

Attempt using sudo:

```
[root@centos7 tmp]# groups angelo
angelo : angelo wheel
[root@centos7 tmp]# groups apache
apache : apache
[root@centos7 tmp]# sudo -u angelo -g apache touch angelo-file
Sorry, user root is not allowed to execute '/bin/touch angelo-file' as angelo:apache on centos7
[root@centos7 tmp]# ls -ld angelo-file
ls: cannot access angelo-file: No such file or directory
[root@centos7 tmp]# sudo -u angelo -g angelo touch angelo-file
[root@centos7 tmp]# ls -ld angelo-file
-rw-r--r-- 1 angelo angelo 0 Nov 12 03:13 angelo-file
```
That question is asking about the filesystem. You can chmod the file to give any user/group you want. I want to know if you can open a file descriptor acting as any user/group combo. If it is possible, then I haven’t found out how.
I mean using normal Linux tools or commands. I would accept an answer that could verify that you could only do this in C because no tools exist. But I also wouldn’t be surprised if you can’t even do it in C and this is not an available request through the API. sudo with -g will work if the user is a member of the group, but seems to be disallowed if not.
How to make files created in a directory owned by directory group?
Is there a way, on Linux, to cause all new files created in a directory to be owned by the directory’s group instead of the creating user’s group?
2 Answers
If you chmod g+s directory then all the files created in that directory will be owned by that group.
newgrp is really a holdover from the days when you could only be in one group, and isn’t really needed nowadays.
Files created by a user are created with his current group ID. To check user ids you can execute id; to change your GID to something from the list of your groups use newgrp or sg: the first command will launch a shell and the latter will just run a command with GID set to id.

```
whitequark@forth:~/test$ id
uid=1000(whitequark) gid=1000(whitequark) groups=4(adm),20(dialout),24(cdrom),46(plugdev),104(lpadmin),114(admin),118(sambashare),1000(whitequark)
whitequark@forth:~/test$ touch file1
whitequark@forth:~/test$ ls -la
total 8
drwxr-xr-x 2 whitequark whitequark 4096 2010-01-29 19:49 .
drwxr-xr-x 82 whitequark whitequark 4096 2010-01-29 18:02 ..
-rw-r--r-- 1 whitequark whitequark 0 2010-01-29 19:49 file1
whitequark@forth:~/test$ newgrp admin
>> whitequark@forth:~/test$ touch file2
whitequark@forth:~/test$ ls -la
total 8
drwxr-xr-x 2 whitequark whitequark 4096 2010-01-29 19:49 .
drwxr-xr-x 82 whitequark whitequark 4096 2010-01-29 18:02 ..
-rw-r--r-- 1 whitequark whitequark 0 2010-01-29 19:49 file1
-rw-r--r-- 1 whitequark admin 0 2010-01-29 19:49 file2
```
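What the chmod g+s answer above does to new entries, as an added example that is not part of the original answers: files and subdirectories take the directory's group, new subdirectories also inherit the setgid bit, and the permission bits still come from the umask. The scratch paths and the helper names make_shared, gid_mode and demo are assumptions of this example, and it relies on GNU stat.

```sh
# Create a group-shared directory: group $2, mode rwxrwsr-x (setgid set).
make_shared() {  # $1 = directory, $2 = numeric gid the caller belongs to
    mkdir -p "$1" && chgrp "$2" "$1" && chmod 2775 "$1"
}

# Print "gid octal-mode" for a path (GNU stat).
gid_mode() { stat -c '%g %a' "$1"; }

demo() {  # $1 = scratch directory (constructed for this example)
    # The last entry of `id -G` is a supplementary group when the user has
    # one, so the inherited gid can differ from the primary gid. Fall back
    # to the primary group if that gid cannot be assigned here.
    gid=$(id -G | awk '{ print $NF }')
    make_shared "$1/shared" "$gid" 2>/dev/null ||
        make_shared "$1/shared" "$(id -g)"
    (
        umask 022                      # typical restrictive umask
        : > "$1/shared/report.txt"     # new file
        mkdir "$1/shared/run1"         # new subdirectory
    )
    echo "dir  $(gid_mode "$1/shared")"
    echo "file $(gid_mode "$1/shared/report.txt")"   # dir's gid, mode 644
    echo "sub  $(gid_mode "$1/shared/run1")"         # dir's gid, mode 2755
}

demo "$(mktemp -d)"
```

The file comes out as 644, so group members can read but not write it: setgid fixes the group, while group write access still depends on the umask of whoever creates the file.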
How to view files, created by Linux and programs in /tmp directory? [duplicate]
How to view files, created by Linux and programs in /tmp directory? The file names are hidden, command ls -al /tmp only show the presence of files not their names. Edit: I find that place in saved session logs:
```
# ls -al /tmp
drwxrwxrwt 2 0 0 40 Jan 1 00:00 .
drwxr-xr-x 19 1005 1005 219 Aug 2 2017 ..
# grep -r config /tmp
# grep -r bin /tmp
# umount /mnt
# ls -l
----
drwxrwxrwt 2 0 0 40 Jan 1 00:00 tmp
---
```

The third line shows that the /tmp directory has 19 files(?), but I don’t see them. Or have I missed something?
«only show the presence of files not their names» — it’s unclear what you mean with this, and totally contradicts the expected output of ls -al . Please add the complete output of that command to your question, best including the command itself; use copy&paste and format it as code for better readability.
No; the third line means that this entry has 19 hard links, which in this case means that the root directory has 19 subdirs; that seems OK. However there are some strange things in this listing: UID/GID 0 is root, all right, but / belonging to user 1005, which in most cases is a manually created user, is rather unusual; it should belong to root, too. Additionally the UIDs aren’t resolved to user names, which I would have expected.
In short, your /tmp dir seems fine, but empty, but I can’t say anything about the rest of the system; it may be a normal state for your system or not.
2 Answers
The number in the second column of an entry in the output of ls -la is the number of hard links pointing to the same inode; in the case of a directory entry this means the number of subdirectories including the special . dir mentioned below; you can read more details e.g. in this answer.
The entry .. represents the parent directory, which in this case is the root directory / . 19 or 20 subdirectories of / is quite normal, as far as I can tell, but depends on the distribution and local additions.
The entry . represents the current directory, in this case /tmp — it contains only . and .. , as shown in the listing, thus 2 hard links: one for its sole existence in / , one for . pointing to it.
Your conclusion that /tmp has «hidden» entries is wrong; the temp dir is definitely empty right now.
There are some oddities which I mentioned in my comments, but these are out of scope for this question. If you’re experiencing any problems you should open new questions for them, with a detailed description what you see (don’t forget to show output for evidence), what you expect and why you think it’s wrong or unusual.
How do you list all files created by the user after a clean install?
I have a machine that is not in use and I wish to do a clean install of Linux on the machine. There may be important files on the machine. How do you list all files created by the user after a clean install?

I was thinking of doing a simple find all files in / and then a for loop to iterate, followed by rpm -q --whatprovides to list all files that a user created (i.e. not listed in any rpm’s manifest). I think this would work. But it may be extremely slow and take more than 8 hours. I’ll have to try. I listed rpm but I think this also applies to any Linux distro. But I need an rpm solution first in the short term.
2 Answers
rpm -qla will quickly list all the files coming from rpms. You can sort both lists and compare them with comm. However, what about config files from rpms that have been edited by the user, e.g. /etc/exports? You can use rpm -qVa to verify if installed files have changed, but it will ignore files that are destined to change, e.g. /etc/shadow. It is usually a good idea to keep a copy of the whole of /etc just in case. You still have specific packages to worry about, e.g. mysql and files in /var.
comm is simpler than diff. comm a b will output 3 columns: lines only in a, only in b, and in common. The files must be sorted. You can suppress the 2nd and 3rd column with -23, and so have immediately all the lines only in a, where you should in your case put the list from find.
I tried out comm and IMO it is definitely the way to go. It’s exactly like you said. diff could probably be used, but would require a huge effort to make the output useful, whereas comm is immediately useful. In my case I did exactly as you said and suppressed two of the three columns.
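The rpm -qla and comm -23 procedure from the answer above, as an added example that is not part of the original answers; it also pulls the edited config files out of saved rpm -qVa output. The sample lists are constructed so it runs without rpm, and the function names are assumptions of this example.

```sh
# Constructed sample inputs; on a real host they would come from
#   find / -xdev -type f > fs.list ; rpm -qla > rpm.list ; rpm -qVa > verify.out
make_samples() {  # $1 = scratch directory
    printf '%s\n' /etc/exports /usr/bin/ls /home/al/notes.txt \
        /opt/site/run.sh /var/lib/mysql/ibdata1 > "$1/fs.list"
    printf '%s\n' /usr/bin/ls '(contains no files)' /etc/exports \
        /usr/bin/ls > "$1/rpm.list"
    printf '%s\n' 'S.5....T.  c /etc/exports' '.......T.    /usr/bin/ls' \
        'missing   c /etc/motd' > "$1/verify.out"
}

# Files on disk that no package manifest claims.
unowned_files() {  # $1 = find output, $2 = rpm -qla output
    a=$(mktemp) b=$(mktemp)
    # comm requires both inputs sorted under the same collation.
    LC_ALL=C sort -u "$1" > "$a"
    # Packages without files print "(contains no files)"; keep paths only.
    grep '^/' "$2" | LC_ALL=C sort -u > "$b"
    LC_ALL=C comm -23 "$a" "$b"      # column 1: lines only in the find list
    rm -f "$a" "$b"
}

# Packaged config files (marker "c") that still exist but fail verification.
changed_configs() {  # $1 = rpm -qVa output
    awk '$2 == "c" && $1 != "missing" { sub(/^[^ ]+ +c +/, ""); print }' "$1"
}

d=$(mktemp -d)
make_samples "$d"
echo "Not owned by any package:"; unowned_files "$d/fs.list" "$d/rpm.list"
echo "Modified config files:";    changed_configs "$d/verify.out"
```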
Setting default permissions for newly created files and sub-directories under a directory in Linux?
I have a bunch of long-running scripts and applications that are storing output results in a directory shared amongst a few users. I would like a way to make sure that every file and directory created under this shared directory automatically had u=rwx g=rwx o=r permissions. I know that I could use umask 006 at the head of my various scripts, but I don’t like that approach as many users write their own scripts and may forget to set the umask themselves. I really just want the filesystem to set newly created files and directories with a certain permission if it is in a certain folder. Is this at all possible?

Update: I think it can be done with POSIX ACLs, using the Default ACL functionality, but it’s all a bit over my head at the moment. If anybody can explain how to use Default ACLs it would probably answer this question nicely.
POSIX ACLs are nice, however a good 60% of the machines that you encounter won’t have them turned on for certain file systems, depending on the distribution. Here is a very good introduction and example: suse.de/~agruen/acl/linux-acls/online
You mean the same document I linked 🙂 I haven’t had a chance to read it yet but thanks for the heads-up on the availability problem.
The link in Tim Post’s comment appears to be dead, but thanks to the Internet Archive, I could view it, and verify that vanemery.com/Linux/ACL/POSIX_ACL_on_Linux.html contains the exact same document. I’ll edit the question to update the link.