www.bonsaiframework.com
Page tree
Skip to end of metadata
Go to start of metadata

The setgid (set group id) can do two things allow the user to execute a program with the permissions of the group owner.

Well what does this mean?

Control Group Ownership of New Files Under a Folder With setgid 

Sometimes you want any newly created files to belong to a specific group.

Let's start with a simple folder that you adjust and intend to share only with members of the staff group but nobody else. You setup permissions properly on the folder.

Basics with a Folder

...

But when you create the files, you realize that your fellow staff members can enter your folder, but not see your files.

...

To fix this, just add the setid to the folder,

chmod g+s shared-folder

Now create your new file and you can see the difference in the group owner,

...

However, immediately there are some caveats. First your existing file is not fixed.

Second, moving files from your own home folder over does not automatically fix the permissions,

...

Third, if you create subfolders this happens,

...

setgid Recursively for Only Folders

In this case, we want to take an existing folder with many files for a zero footprint application and ensure that any new files created will belong to the right group.

We use the chmod command combined with find - to return back only directories - and xargs,

find /path/to/hierarchy -type d | xargs -I{} chmod g+s {}



  • No labels