How to fix the rights of files and folders so that they do not change when digging from root?

S

syxoi2019-08-27 12:14:55

linux

syxoi, 2019-08-27 12:14:55

If you dig into the folders of other users from the root, be it a regular user or www-data, then the rights to root are overwritten.

getfacl /home/vasya
getfacl: Removing leading '/' from absolute path names
# file: home/vasya
# owner: vasya
# group: share
user::rwx
user:vasya:rwx
group::r-x
mask::rwx
other::r-x

I tried to use acl:
setfacl -Rm u:vasya:rwx /home/vasya
But after creating directories from root, the rights to root are still assigned:

getfacl /home/vasya/test
getfacl: Removing leading '/' from absolute path names
# file: home/vasya/test
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

How can one "fix" the rights of a directory so that they are also inherited by other directories?

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

V

vreitech, 2019-08-27
@fzfx

setfacl -Rm d:u:vasya:rwx /home/vasya
setfacl -Rm u:vasya:rwx /home/vasya

S

Saboteur, 2019-08-27
@saboteur_kiev

Why bother with root?
Do su www-data or su and work with files.

U

unwrecker, 2019-08-27
@unwrecker

In order to fix it, and not fix it after the change, you need to set setgid and setuid to the directory.
chmod -R u+s /home/vasya
chmod -R g+s /home/vasya

C

CityCat4, 2019-08-27
@CityCat4

Theoretically, you can use chattr. But won't you create even bigger problems in this way? FreeBSD has a similar chflags command. So, after setting the system immutable flag (which makes any modification of the file impossible, root or not - fuck it) - it was possible to remove it only in single-user mode.