On 04/23/2016 10:42 AM, hw wrote: > > Has it become entirely impossible to share a directory tree and the > files in it with multiple users when Linux is involved? This should be > a very simple thing to accomplish. >
It was never possible. It's ridiculous, but there it is. The UNIX permissions model is too simple. ACLs were bolted on top, but most tools retain legacy behavior with respect to group masks that breaks default ACLs. You're seeing that same problem with your Samba share. Filesystem permissions are one thing that Windows got right. There's ongoing work to bring that model to Linux, https://en.wikipedia.org/wiki/Richacls but they're going to make the same mistake again[0] and allow the group bits to act as a mask. That means mkdir, tar, cp, 7z -- anything that tries to mess with group bits -- isn't going to work. They'll be DOA just like POSIX ACLs were. I think you can manage this with incron and POSIX ACLs. Instead of running "chmod g+w", use sys-apps/apply-default-acl to reset the permissions to the defaults that you set. I wrote apply-default-acl to solve exactly this problem. You just need to figure out a way to run it whenever things get screwed up. Which means, whenever a file or directory is created. [0] http://www.bestbits.at/richacl/man/richacl.7.txt Changing the file mode permission bits: When changing the file mode permission bits with chmod(1), the owner, group, and other file permission bits are set to the permission bits in the new mode... In addition, the masked and write_through ACL flags are set. This has the effect of limiting the permissions granted by the ACL to the file mode permission bits...
