how to yield all users the read/write permission for files in a the common directory
I have installed Ubuntu system at an SS disk and I wish users to access partitions of the second (mechanical) disk as common depositories with full read/write/delete permissions for each file. And I wish that each user see such a partition (say /dev/sdb7) as a directory with a fixed name (say /home/the_user/F). I was advised (Is it possible to mount a partition as a common depository for users with the same relative path?) to mount the partition during boot and to symlink that mountpoint to somewhere in the user's home. However, in the manual for
linkI see an option
‘-d’
‘-F’
‘--directory’
Allow users with appropriate privileges to attempt to make hard
links to directories. However, note that this will probably fail
due to system restrictions, even for the super-user.
I am afraid of it. Please advise me an example of a proper link; and the corresponding group or bindfs commands to be used at user login or once forever by the root. Thanks!
Solution 1:
You don't need to use hard links, actually we can not create a hard link to a directory because it makes loop in file system hierarchy.
You have to use -s option to create a symlink (symbolic link):
Let's say I have mounted /dev/sda7 on /media/some/mount/point. To create a link to this path I have to run:
ln -s [target] [symlink]
Like:
ln -s /media/some/mount/point /home/username/F
The permission of link would be 777 but however a symlink is a different file from you actual directory, it only grant access to symlink itself and the user must have correct permissions to be able to work with the files in /media/some/mount/point.
Solution 2:
Regarding your concern about linking to the mounted directory, it sounds like you may have simply stumbled onto the wrong program. According to your post, you were advised to create symbolic links (i.e. symlinks). However the link command only creates hard links. To create symbolic links you can use the ln command instead, e.g.:
ln -s /path/to/mount/point /home/the_user/F
Regarding shared access, you can set this up using ACLs (access control lists), e.g.:
sudo setfacl -Rm g:mount-group:rwx /path/to/mount/point
sudo setfacl -Rdm g:mount-group:rwx /path/to/mount/point
To demonstrate what this might look like and give you a starting-point to experiment with, here's a longer example which bind-mounts a directory (you would replace this with the actual mount that you want), sets its ownership and permissions (using access control lists), and then creates a symbolic link to it inside another directory:
# Create a group to own the shared mount
sudo groupadd mount-group
# Create a user that belongs to this group
sudo adduser mount-user
sudo usermod -a -G mount-group mount-user
# Create a directory to mount
mkdir /tmp/mount-source
# Create the mount-point
mkdir /tmp/mount-target
# Bind-mount the directory onto the mount point
sudo mount --bind /tmp/mount-source /tmp/mount-target
# Set the group owner for the mounted volume
sudo chown :mount-group /tmp/mount-target
# Set the group permissions to match the user permissions
sudo chmod -R g=u /tmp/mount-target
# Set the setgid bit on the mounted volume
sudo chmod g=u,g+s /tmp/mount-source
# Set the ownership and permissions for the mounted volume using an ACL
sudo setfacl -Rm g:mount-group:rwx /tmp/mount-target
# Set the default ownership and permissions for files created inside the mount-point
sudo setfacl -Rdm g:mount-group:rwx /tmp/mount-target
# Login as the test user
su -l mount-user
# Link a subdirectory inside the user's home folder to the mounted volume
ln -s /tmp/mount-target ~/link-to-mount-target
# Create a new file inside the mounted volume
echo 'Hello world!' > ~/link-to-mount-target/hello.txt
# Check the permissions on the new file
getfacl ~/link-to-mount-target/hello.txt