How can two users be the owners of a file?

As per the title, I have to create a file, for example:

/home/john/file.ini

I created a user and a group, myuser and mygroup, and set them to be the owner and group of this file.ini:

chown myuser:mygroup file.ini

I have another user named mymain. This user must be able to read this file. How can I change the permissions to allow this?

Important: I want to allow only the "mymain" user to read this file, NOT all other users.

So myuser (the owner of the file) and mymain should have access.


In the traditional Unix file permission system that's not possible: a file has only a single owner. You could create a group containing just the two users that should have access and make that the owning group of the file (and give the desired permissions to that group). This approach has some administrative overhead, however (not every user can create a group and place other users in it).

Many (most) modern filesystems support ACLs, however and they aren't too hard to use. If you want to use POSIX ACLs to give another user read (r) and write (w) permissions then you can use this command:

setfacl -m user:mymain:rw file.ini

Two caveats:

  • The necessary tools aren't always installed. On Ubuntu/Debian they are found in the acl package (sudo apt-get install acl)
  • Even if the filesystem used supports ACLs, it might be that your local filesystem is mounted without support for ACLs. In that case you need to modify the mount parameters to enable it (for ext4, for example, that simply means appending ,acl to the mount options in /etc/fstab).

You should make sure that user mymain is a member of mygroup and give the group permissions, like

chmod g+r <filename>

Some filesystems implement ACL (access control lists), and these may proof to be much more useful to you, but they are beyond the scope of my answer here. You will want to read up on ACLs in an enterprise (ADS) setting_

added

Technically, of course, two users cannot simultaneously be the owner of the same file. Also, if you want to mimic that, you should give full permission to the group, perhaps making a special group for just these two 'owners' and the extent to which this actually mimics owernship will be paltform dependent (old-style UNIX-en tend to be very strict in their rules for allowing chmod/chown)