Go Back   The macosxhints Forums > OS X Help Requests > UNIX - General



Reply
 
Thread Tools Rate Thread Display Modes
Old 06-21-2010, 05:25 PM   #1
pittmantechno
Prospect
 
Join Date: Jun 2010
Location: Los Angeles
Posts: 1
launchD StartOnMount help

Hello,

Forgive me, Im not very XML savvy. I am looking for a way periodically or at mount...send, $ chmod -R 777 to the /Users/Shared folder.

I have a bunch of users that like to open files right out of shared locations and end up getting locked out of files within or vice versa - so to avoid permissions issues I though this would be great for my Users. at the moment I ssh in and send the chmod -R 777 to the Users/Shared folder

So I am wondering if any of you know how I could do this with launchD and maybe the StartOnMount feature ? so anytime they open the shared Directory it blasts the permissions on it ?
pittmantechno is offline   Reply With Quote
Old 06-22-2010, 02:05 PM   #2
tw
Hall of Famer
 
Join Date: Apr 2007
Posts: 4,262
roughly speaking, what you're asking for is something like this:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>my.permissions.zapper</string>
	<key>ProgramArguments</key>
	<array>
		<string>chmod</string>
		<string>-R</string>
		<string>777</string>
		<string>/path/to/folder</string>
	</array>
	<key>StartOnMount</key>
	<true/>
</dict>
</plist>
but I'm confused as to why this would be necessary. what is changing the permissions so that they have to constantly be reset to 777? once you set the permissions on a folder they ought to stay at where you set them.
__________________
Philosophy is a battle against the bewitchment of our intelligence by means of language. -LW-
tw is offline   Reply With Quote
Old 06-22-2010, 02:30 PM   #3
tlarkin
League Commissioner
 
Join Date: Mar 2003
Location: Bay Area, CA
Posts: 11,351
an ACL would fit here nicely too, you could just give 'everyone' read/write access via ACL and it should honor the parent folder and all children items inside that folder.
__________________
sudo make me a sammich

http://www.tlarkin.com

"It just told me what I already knew, that I'm a great and amazing guy, didn't I tell you baby, I'm Zaphod Beeblebrox."
tlarkin is offline   Reply With Quote
Old 07-07-2010, 05:55 PM   #4
vostrushka
Prospect
 
Join Date: Jul 2010
Posts: 14
Even without ACL this can work nicely:
chown -R root:shared_group /Users/Shared
Add all your participating users to this shared_group.
chmod -R 775 /Users/Shared
chmod -R g+s /Users/Shared
The last command will set up S-bit on groups permissions, which will automatically apply the group of the parent directory to the files and child directories.
Users will be managed through group access only.
You need to run these commands once after that just keep an eye on that folder.
Regards
Leonid
vostrushka is offline   Reply With Quote
Old 07-10-2010, 05:25 PM   #5
ganbustein
MVP
 
Join Date: Apr 2008
Location: Berkeley CA USA
Posts: 1,167
Quote:
Originally Posted by vostrushka
chown -R root:shared_group /Users/Shared
Add all your participating users to this shared_group.
chmod -R 775 /Users/Shared
chmod -R g+s /Users/Shared

You could combine the last two:

chmod -R 2775 /Users/Shared

but it doesn't matter, because it still won't work. SUID and SGID on folders is incompatible with ACLs, so support for it was disabled when ACL support was added. But no matter. New files/folders are given the group of the enclosing folder anyway. (You only ever needed SUID on folders.)

The trouble is that, with the default umask of 022, the group won't have write access to any new files/folders. Anything that one user creates will be read-only to other users, even if they're in the same group.

You have to either set umask globally (which may have unintended consequences elsewhere), or re-issue the chmod periodically (but new files will still be read-only to others until the next periodic chmod), or use ACLs.
ganbustein is offline   Reply With Quote
Reply

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -5. The time now is 08:45 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Site design © IDG Consumer & SMB; individuals retain copyright of their postings
but consent to the possible use of their material in other areas of IDG Consumer & SMB.