Learn how multiple users can read and write to a data directory.
This is a problem you face when you are developing a web system in Perl and the web applications launched by different development users upload files to the data storage directory. Allows multiple users to read and write, not just a specific user.
By setting an owner group called "myapp-group" for all files under the data storage directory and setting a special permission SGID to the data storage directory (top directory), newly created files will also be in the same group. Can be given.
SGID is an abbreviation for Set Group ID. By setting it to a directory, the owner group will be the same as the top directory when new files under the directory are created.
Procedures for multiple users to read and write to the data directory
This is a procedure for multiple users to read and write to the data directory. The data directory is "/ datadrive".
Create a group for your application
Create a group for your application with the groupadd command. The name is "myapp-group".
sudo groupadd myapp-group
Add development user to myapp-group group
Add the development user to the myapp-group group with the gpasswd command.
sudo gpasswd -a myapp myapp-group sudo gpasswd -a yamada myapp-group
Recursively change the owner group of files under the data directory to myapp-group
Recursively change the owner group of files under the data directory to myapp-group with the chgrp command.
sudo chgrp -R myapp-group / datadrive
Give write permission to the group
Give "/ datadrive" write permission for the group.
sudo chmod 775 / datadrive
Set special permissions SGID for data directories
Set a special permission SGID for the data directory with the chmod command.
sudo chmod g + s / datadrive
If you check with the ls command, s is set.
ls -l / | grep datadrive
It is a part of the output result.
drwxr-sr-x 7 myapp myapp-group 115 Jun 3 10:36 / datadrive
Now the data directory is ready for the files to be uploaded by the web application launched by multiple developers.
The reflection of the addition to the group will be recognized when the user logs in, so if your user is the user who added to the group, log out and log in once.