1

Here's my situation:

  • I have a user storageUser with a home directory of /storage
  • storageUser owns /storage with full (RWE) rights
  • Within /storage I have a directory media
  • I'd like to create a new user mediaUser whose home directory is /storage/media with read-only permissions while maintaining storageUser's full RWE permissions

When using FTP or SSH to sign into the server, I'd like storageUser to be in control of /storage with full RWE permissions, while mediaUser is only able to read /storage/media. I'd like to give access to mediaUser in the future to share my media folder without people being able to make any changes.

Here's what I tried:

  • Created mediaUser and set their password
        useradd mediaUser
        passwd mediaUser
        ...
  • Created a new group storageGroup
        groupadd storageGroup
  • Added both storageUser and mediaUser to the group
        usermod -a -G storageGroup storageUser
        usermod -a -G storageGroup mediaUser
  • Changed ownership permissions so that storageUser would have permission level 7 (read-write-execute) and storageGroup would have permission level 4 (read-only)
        chown -R storageUser:storageGroup media
        chmod -R 740 media
  • Changed the home directory of mediaUser
        usermod -d /storage/media mediaUser

Permissions for storageUser seem to be working OK, but when I SSH into the server as mediaUser, I get this error:

Could not chdir to home directory /storage/media: Permission denied

mediaUser also cannot read directory contents with ls

ls: cannot access '/storage/media': Permission denied

What am I doing wrong?

5
  • 5
    "both users must own the sub-directory" - this isn't possible: you can only have one owner. Instead, please describe (in words) what you want to achieve Commented Jan 7, 2024 at 23:39
  • @ChrisDavies Essentially, I want storageUser to be the main owner of /storage, but also have a second media user that can only read the media subdirectory. This is so that storageUser can edit, upload, and delete files, but I want to give access to other people to only be able to view/download from the media folder Commented Jan 8, 2024 at 2:22
  • 5
    @Omaro_IB Welcome, the whole concept of a user's home directory is that such user is the owner with their own settings, configurations and files. The goal you want to achieve doesn't seem related to home directories, but just group permissions and ownership. Commented Jan 8, 2024 at 3:05
  • Try creating 2 users, each with their own home directories, even if they are never used, and then put both users you created in the same group. Give members of that group rwx access to the same directory OUTSIDE OF the /home/ directory. This is what @shrodingerscat is referring to. Commented Jan 8, 2024 at 22:47
  • 1
    @Omaro_IB - what perms did you set on /storage? And the perms on /storage/media need to be 750, not 740. Commented Jan 9, 2024 at 5:06
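
The question's mode 740 and the 750 suggested in the last comment differ only in the group's execute (search) bit, which a directory and each of its parents need before a group member can enter it. The script below is an added example, not part of the thread: it assumes GNU stat, ignores ACLs, treats the user as a non-owner, and its function names and demo tree are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (-c) and a user who is
# NOT the owner of any directory checked; ACLs are ignored.

# Print the rwx digit (0-7) that applies to a non-owner for DIR:
# the group digit if DIR's group is GROUP, otherwise the "other" digit.
perm_digit() {                          # perm_digit DIR GROUP
    pd=$(stat -c '%a %G' "$1") || return 2
    pd_mode=${pd%% *}; pd_group=${pd#* }
    if [ "$pd_group" = "$2" ]; then echo $(( $pd_mode / 10 % 10 ))
    else echo $(( $pd_mode % 10 )); fi
}

# Print the outermost directory from TOP down to TARGET that stops a member of
# GROUP from listing TARGET, or "ok". TARGET needs r+x (5); ancestors need x (1).
first_blocker() {                       # first_blocker TOP TARGET GROUP
    fb_top=${1%/}; fb_dir=${2%/}; fb_need=5; fb_hit=ok
    case $fb_dir/ in
        "$fb_top"/*) ;;
        *) echo "error: $2 is not under $1"; return 2 ;;
    esac
    while :; do
        fb_d=$(perm_digit "${fb_dir:-/}" "$3") ||
            { echo "error: cannot stat ${fb_dir:-/}"; return 2; }
        [ $(( fb_d & fb_need )) -eq "$fb_need" ] || fb_hit=${fb_dir:-/}
        [ "$fb_dir" = "$fb_top" ] && break
        fb_dir=$(dirname "$fb_dir"); fb_need=1   # parents only need search (x)
        [ "$fb_dir" = / ] && fb_dir=
    done
    echo "$fb_hit"
}

# Constructed demo tree standing in for /storage/media; runs unprivileged.
demo() {
    dm=$(mktemp -d) || return 2
    mkdir -p "$dm/storage/media" && chmod 755 "$dm" "$dm/storage"
    dm_g=$(stat -c %G "$dm/storage/media")
    chmod 740 "$dm/storage/media"     # group can read names but not enter
    echo "740: $(first_blocker "$dm" "$dm/storage/media" "$dm_g")"
    chmod 750 "$dm/storage/media"     # group can enter and list, not write
    echo "750: $(first_blocker "$dm" "$dm/storage/media" "$dm_g")"
    rm -rf "$dm"
}
demo
```

On a real system the call would be first_blocker / /storage/media storageGroup, which also reports a parent such as /storage when it is the one missing the search bit.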

2 Answers

1

Create Users

  1. useradd mediaUser
  2. useradd storageUser

Setup Users

  1. passwd mediaUser
  2. passwd storageUser

Create Group

  1. groupadd storageGroup

Create Directory

  1. mkdir /storage/media

Assign Users to Group

  1. usermod -a -G storageGroup mediaUser
  2. usermod -a -G storageGroup storageUser

Change Owner of Directory to Group

  1. chgrp storageGroup /storage/media

Now everyone in group storageGroup owns the particular directory. Removing a user from storageGroup also removes access to that directory. See also man chgrp. This method also removes the need for storageUser, unless you're using that user for some other reason.

0

Besides users, groups, permissions and physical folders, you can create a soft or hard link with the command ln, which should make folders work as you expect. Entering the folder provided by the link (shortcut) should work as if it were a real folder.

By default ln creates a hard link; with the option -s it creates a soft link. See the manual with man ln.

1
  • A soft link doesn't work because in order to access the original file, the user must have access to the directory the file is in (which is the entire issue). A hard link doesn't work either since it would require a cross-device link (/storage is mounted on an external disk). Commented Jan 8, 2024 at 18:55
