saving files across the network and permissions dilemma

R

Roadie

Registered
Hey,

I recently set up an imac to use as a file server for our studio. There are two of us here, each with our own computer (one pc and one mac) and the imac. What we are running into is when one of us creates a file or folder on the imac, the other one doesnt have good enough permissions to work with it. I may be able to open it, but if I open up a file that he created and work on it then try and save it, i'm not allowed to.

So, what I'm wondering is, is there a way to create files and folders with permissions set so that everyone can read and write? right now I have to keep going in and setting the permissions on the folder and then applying those permissions to all the enclosed items.
 
Well, how are you creating the folders? Are you uploading them, or logging into the computer and creating them from there?

One way I can think of that should work for both cases is to create a new group, and then add both users to that group. That way both of you should be able to edit the files (so long as whatever is creating the files is setting rw for the group as well).
 
most of the time we are logging into the computer and then creating the folders.

I am pretty sure we are both members of the same group already...we are both administrators on the machine, so would/t that automatically place us in the same group?
 
Well, yes and no. Yes, you are both part of the admin group, but by default (on 10.3.x) they're set up to be part of a group that is named the same as their short name (i.e. if your user name is roadie, your group will also be roadie). When you create files & folders, it will use that group by default. You'd have to change the group (NetInfo is probably the easiest way to do that).

The system will, however, create files & folders with the group admin if you're creating the files in a folder that already has its group set to admin. It doesn't matter who the owner of this folder is, if the group is set to admin the files or folders created inside it will be part of the group admin as well. This might work for the both of you. :)
 
[bit of a tangent]
Seems like a long time since I had troubles with this - but when I set up an OS X Jaguar Server the only way to get non-admin users to share files on the server was to make everyone use the same account on the server. I am interested to know if things have changed - the default model for permissions was that people in the same group could read and SAVE AS only - not SAVE "shared files". And any activity by an admin user (even one belonging to the same group) would remove access permissions for non-admin users.
[back on topic]
I know of an app. called SharePoints (-> VersionTraker) which could be the solution to your problems. [I'm pretty sure I wouldn't have bothered with Jaguar Server if I'd known about this app. 18 months ago.]
 
I think the best way is for both of you to use the "Drop Box" in the "Public" folder of the admin user on the iMac server computer. I think that's the best place on the server to allow universal access. Elsewhere on the server you will probably have to determine users manually, which is time consuming as you are well aware.
 
Choose 'get info' on the file, expand the permissions section. You can change the permissions for yourself, the group, and the whole world. You can also change the group the files belong to, so that they belong to a group that you both belong to.

You can also change the permissions for the entire contents of a folder that way.
 
scruffy - thats what i am doing now, thats the problem. i dont want to have to go into 'get info' every time i create a file or folder.
 
Hm.. If you're making files from the shell, you could just use the umask command once per session, but I don't know how to do it from the gui.
 
ARGH!! This is still driving us crazy!!

We have tried everything and we are still running into the same problem. If I create a file from a windows machine and save it onto the imac, he can open it up on his mac but not save over it. We have to go over to the imac and manually change the permisiions on the file... which is REALLY FREAKING ANNOYING.

I've tried using sharepoints, using the public folders, even tried setting up a shared folder on another windows pc and using that, but we still get the same issues.

Somebody ou tthere has got to know what the deal is..help me obi-wan kenobi, youre our only hope.
 
Well, Obi Wan I am not, but I do have a logical mind. So did you mention what software you are using to network the mac and pc together (or is this too old school? I remember programs like David facilitating this pc to mac transaction.)

I do also know that macs connected to a pc server get their mac files copied and corrupted by pc servers due to dot extension conflicts/not being recognized, etc. Could this be part of your issue?

Hope this helps. :)

Roadie said:
ARGH!! This is still driving us crazy!!

We have tried everything and we are still running into the same problem. If I create a file from a windows machine and save it onto the imac, he can open it up on his mac but not save over it. We have to go over to the imac and manually change the permisiions on the file... which is REALLY FREAKING ANNOYING.

I've tried using sharepoints, using the public folders, even tried setting up a shared folder on another windows pc and using that, but we still get the same issues.

Somebody ou tthere has got to know what the deal is..help me obi-wan kenobi, youre our only hope.
Click to expand...
 
Hi again Roadie,

Sorry you're still having trouble with this. I'm still under the impression that this is how it is supposed to work. (At least when we set up OS X 10.2.x [Server].) The way we got things to work was to have all users access the Server with the same account. A single non-admin account was set up on the server and we all log in using only that account. Logging in from a PC was made much cleaner when PC-MacLan or Dave was used on the PC that needed it (can't remember which one allows AFP access from PCs to a Mac).

We're also running an SMB share with guest access enabled for the rest of the PC based office - but this is only for temporary storage of "stuff" going one way or the other (not back and forth).

Sharing files seems to work best with the fewest possible protocols involved. (SMB, UNIX and old fashioned AppleTalk didn't seem to get along too well when all trying to access the same files.)

Not an ideal solution perhaps, but there came the time when we stopped trying to get the software to do what we though it said it would and we found work-arounds. Hrumpf.
 
check the manpage for chmod:

4000 (the set-user-ID-on-execution bit) Executable files with
this bit set will run with effective uid set to the uid of
the file owner. Directories with the set-user-id bit set
will force all files and sub-directories created in them to
be owned by the directory owner and not by the uid of the
creating process, if the underlying file system supports
this feature: see chmod(2) and the suiddir option to
mount(8).
Click to expand...
 
Hey scruffy - you're a bit deep in UNIX for me, but does this mean does that the following command in a Terminal session might sort this out?

chmod -R 6770 Folder

As far as I can make out from the manpages this should (recursively) apply read-right-execute permissions for the user and group [but not "everyone"] and thereafter any new files copied into this Share will inherit these new settings and be saveable by any users specified as owner/group?

Next I guess that

chown - R :admin Folder

would ensure that "admin" is the primary group for the share-point and that all admin users can access it fully....

Yes/No/Maybe?

Big-up the Terminal?
 
hey, i never got any emails that there were replies after my last post...i'll try this stuff out over the weekend.

thanks for the help.
 
You must log in or register to reply here.
Back
Top