As a system administrator, you may have a certain directory that you want to give read/write access to every user on a Linux server. In this guide, we will review how to enable write access to all users on a particular directory (shared directory) in Linux.
This calls for setting the appropriate access permissions, and the most effective as well as reliable method to allocating a common group for all the users who will share or have write access to the specific directory.
So, start by creating the directory and common group in case it doesn’t already exist on the system as follows:
$ sudo mkdir -p /var/www/reports/ $ sudo groupadd project
Then add an existing user who will have write access to the directory: /var/www/reports/ to the group project as below.
$ sudo usermod -a -G project tecmint
The flags and arguments used in the above command are:
-a– which adds the user to the supplementary group.-G– specifies the group name.project– group name.tecmint– existing username.
Afterwards, proceed to configure the appropriate permissions on the directory, where the option -R enables recursive operations into subdirectories:
$ sudo chgrp -R project /var/www/reports/ $ sudo chmod -R 2775 /var/www/reports/
Explaining the permissions 2775 in the chmod command above:
2– turns on the setGID bit, implying–newly created subfiles inherit the same group as the directory, and newly created subdirectories inherit the set GID bit of the parent directory.7– gives rwx permissions for owner.7– gives rwx permissions for group.5– gives rx permissions for others.
You can create more system users and add them to the directory group as follows:
$ sudo useradd -m -c "Aaron Kili" -s/bin/bash -G project aaronkilik $ sudo useradd -m -c "John Doo" -s/bin/bash -G project john $ sudo useradd -m -c "Ravi Saive" -s/bin/bash -G project ravi
Then create subdirectories where the new users above will store their project reports:
$ sudo mkdir -p /var/www/reports/aaronkilik_reports $ sudo mkdir -p /var/www/reports/johndoo_reports $ sudo mkdir -p /var/www/reports/ravi_reports
Now you can create files/folders and share with other users on the same group.
That’s it! In this tutorial, we reviewed how to enable write access to all users on a particular directory. To understand more about users/groups in Linux, read How to Manage Users/Groups File Permissions and Attributes.
Remember to offer us your thoughts about this article via the feedback form below.
How to access the created shared folder from another pc.
“The standard behavior for new files and sub-directories is to ALWAYS receive the creator’s GROUP” – RHCSA RHEL 8, A. Ghori, 1st edition. In the example of this tutorial, I do not understand why we enabled setgid for the directory SINCE all the system users created (aaronkilik, john, and ravi) belong to the same group (called “project“) as the group of the parent directory “reports” (sudo chgrp -R project /var/www/reports/).
I mean if the user aaronkilik or any other of the two users create a file or sub-directory in “reports“, since the aaronkilik belongs to the group called “project“, the file/sub-directory created receives the creator’s group like stated in the first phase, that is the group “project“.
Why is it needed to enabled setgid for the “project” directory? Maybe there is a reason but I do not see it now. I could see the reason to enable setgid in case the three system users created belonged to different groups (in this case chmod -R 2777 /var/www/reports/ would be needed too). Thank you.
Hi,
Need help to set up multiple project-wise Shared Directory via GUI panel on Ubuntu on currently running the server?
What if a user copies or moves a directory tree from his home directory to the shared one?
I don’t think the subdirs will magically change their group, let atone recursivelyy because they are not newly created…
@Evi1
That’s correct, including the recursive option allows subdirectories to be get top directory permissions automatically. Many thanks for the heads up.
Hi,
I think that you do not need 2775. More secure is to use chmod -R 2770. In this case only the desired users/group can access this shared folder, and any others will not have access.
@lulian
Yap, your correct, we should have used chmod -R 2770, other system users will be blocked from accessing a shared directory. However, always set permissions depending on your environment needs.
In my case, i needed the shared folder were shared also with apache. I had to use “chmod -R 2775”. If I used “chmod -R 2770”, apache couldn’t access to the folders.
HI,
Thanks,Very useful material,
I created shared directory under /opt
@Jalal
Welcome, and many thanks for the writing back to us.
I assume that on your distro Apache has a base directory in /var/www unlike a distro like Fedora that starts in /var/www/html/. This would be good for users that want to build a web site together or share common reports over a web server. Another good option is to use ACL with the facl command.
@Ray
Sure, using ACL is also a reliable and effective option. Thanks for the suggestion.
@ray ACL has nothing to do with setGID permission option
Very helpful for the novice admin.
You should probably highlight that /var/www isn’t a good place to allow ‘regular users’ to store stuff unless you can guarantee it is on a separate filesystem than /var; should a user decide to fill it up system log files no longer can be written
@thomas h
That is so true, perhaps creating a new directory in the root directory for this purpose would make more sense. Many thanks for the useful insights.