I want to execute one command and I want that it is executed with a specific groupname, that I'm belonging to, but which is not my default group. So all files created will belong to that group. Is there a command for that? There is chgrp to fix it afterwards. Then I found newgrp (https://unix.stackexchange.com/questions/23093/changing-my-default-primary-gid-for-every-login-session) , but that creates a subshell. Thus a oneliner newgroup && cmd does not work. And the shell needs to be closed later. Both approaches looks error prone.

I am getting this error from git:

fatal: detected dubious ownership in repository at '/run/media/marcel/Хранилище/Dev/Desktop/SimpleAccent'
To add an exception for this directory, call:

        git config --global --add safe.directory '/run/media/marcel/Хранилище/Dev/Desktop/SimpleAccent'

Here's the ls -la for my directory:

drwxrwxrwx. 1 root root 4096 июл 30 18:05 ./
drwxrwxrwx. 1 root root 4096 мая 25 10:57 ../
drwxrwxrwx. 1 root root    0 июн 14 19:03 config/
drwxrwxrwx. 1 root root 4096 июн 15 16:55 .git/
-rwxrwxrwx. 1 root root 3115 июн 16 15:53 .gitignore*
drwxrwxrwx. 1 root root 4096 июл 30 18:11 .idea/
drwxrwxrwx. 1 root root 4096 июн 15 16:46 lib/
-rwxrwxrwx. 1 root root 1065 мая 25 11:22 LICENSE*
drwxrwxrwx. 1 root root    0 июл 28 12:27 logs/
-rwxrwxrwx. 1 root root    0 июл 28 12:53 nohup.out*
drwxrwxrwx. 1 root root    0 мая 28 12:18 platform/
-rwxrwxrwx. 1 root root 1436 июл 15 13:50 README.md*
drwxrwxrwx. 1 root root    0 июл 28 12:27 scripts/
drwxrwxrwx. 1 root root    0 июн 16 20:06 setup/
-rwxrwxrwx. 1 root root 2620 июл 30 18:05 simpleaccent.py*
drwxrwxrwx. 1 root root 4096 июн 15 14:08 _util/
drwxrwxrwx. 1 root root    0 июн 14 19:46 .vscode/

They are all root, my user is marcel. I do sudo chown -R marcel:marcel . while in the directory, but the owner is still root. I try sudo chown -R marcel . ; sudo chgrp -R marcel ., but it's none the better. How to make chown work? #### Specs, if that could matter

marcel@fedora 
------------- 
OS: Fedora Linux 38 (KDE Plasma) x86_64 
Host: MS-7D18 2.0 
Kernel: 6.4.4-200.fc38.x86_64 
Uptime: 46 mins 
Packages: 2015 (rpm), 13 (flatpak) 
Shell: bash 5.2.15 
Resolution: 1920x1080 
DE: Plasma 5.27.6 
WM: kwin 
Theme: [Plasma], Breeze [GTK2/3] 
Icons: [Plasma], breeze-dark [GTK2/3] 
Terminal: tmux 
CPU: 11th Gen Intel i5-11400 (12) @ 4.400GHz 
GPU: NVIDIA GeForce RTX 3060 Lite Hash Rate 
Memory: 5712MiB / 15875MiB

I have a service that exists in the root directory and I want to give user group admin permissions to run the service. The service exists in /root/home/custom_service/service.service I tried chgrp admin ./home/custom_service/ then chmod g+rx ./home/custom_service/ When I check the permissions with ls -l ./home/custom_service/ I get -rw-r-xr-- 1 root admin 449 May 30 11:23 service.service When I try and run the service from my testUsr account (which is in the group admin) this is the result: I ran: systemctl start service.service Result: ==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units === Authentication is required to manage system services or units. Authenticating as: scarycall Password: polkit-agent-helper-1: pam_authenticate failed: Permission denied ==== AUTHENTICATION FAILED === Failed to start service.service: Access denied See system logs and 'systemctl status service.service' for details. Note: I am able to run the service from root. ---------------------------------------------------------------------- UPDATE: Here is my polkit rule file: Array.prototype.includes = function(variable) { for (var i = 0; i < this.length; i++) { if (this[i] === variable) { return true; } } return false; } polkit.addRule(function(action, subject) { var allowed = { units: [ // Here you can add units that you want to allow admin users to manage. "service.service" ], actions: [ "org.freedesktop.systemd1.manage-units" ], verbs: [ "start", "stop", "restart" ] } var unit_name = action.lookup("unit"); polkit.log("Action" + action); polkit.log("Unit=" + unit_name); polkit.log("Action ID=" + action.id); polkit.log("Verb=" + action.lookup("verb")); polkit.log("Subject=" + subject); if (allowed.actions.includes(action.id) && allowed.units.includes(unit_name) && allowed.verbs.includes(action.lookup("verb")) && subject.isInGroup("admin") ) { return polkit.Result.YES; } }); The system I am running on has systemd version 219 which does not pass unit or verb through the action. Here is what the logs from this rule look like: /etc/polkit-1/rules.d/10-insight-service.rules:23: Action[Action id='org.freedesktop.systemd1.manage-units /etc/polkit-1/rules.d/10-insight-service.rules:24: Unit=undefined /etc/polkit-1/rules.d/10-insight-service.rules:25: Action ID=org.freedesktop.systemd1.manage-units /etc/polkit-1/rules.d/10-insight-service.rules:26: Verb=undefined /etc/polkit-1/rules.d/10-insight-service.rules:27: Subject=[Subject pid=13762 user='testUsr' groups=admin seat='' session='2072' local=false active=true] The unit and verb details were not added until v226 seen here: https://github.com/systemd/systemd/commit/88ced61bf9673407f4b15bf51b1b408fd78c149d **RESOLUTION:** Because the system I am running on runs an older version of systemd it does not support the unit or verb details of action. So I resolved to use sudo permissions and that worked. In the sudoer file I added: %admin ALL= NOPASSWD: /bin/systemctl start service.service %admin ALL= NOPASSWD: /bin/systemctl stop service.service %admin ALL= NOPASSWD: /bin/systemctl restart service.service %admin ALL= NOPASSWD: /bin/systemctl status service.service

I have 3 specific user accounts (less than 10 anyway), for all files & folders under a specific /data or /home directory, I want to change just the group ownership of all occurring files/folders of those specific users. I don't know where everywhere might be (besides /home and /data) so I want to do a -R on /. Is there a way to do that? The existing group is named XYZ and I want to change all files & folders that are owned by ron.XYZ to ron.users. How can that be done?

I have a file where I want there to be not one but two groups who can have extra privileges to access it. But when I chown or chgrp it to a group it always erases the previous group. How do I add a group owner without deleting the existing group owner. Thanks you so much for the help :D

[root@localhost ~]# getfattr -m - -d /bin/tcpm getfattr: Removing leading '/' from absolute path names # file: bin/tcpm security.capability=0sAQAAAgAUAAAAAAAAAAAAAAAAAAA= security.selinux="system_u:object_r:bin_t:s0" [root@localhost ~]# chgrp 951 /bin/tcpm [root@localhost ~]# getfattr -m - -d /bin/tcpm getfattr: Removing leading '/' from absolute path names # file: bin/tcpm security.selinux="system_u:object_r:bin_t:s0" after chown uid /bin/tcpm or chgrp gid /bin/tcpm，/bin/tcpm loss xattr(security.capability) #/bin/tcpm provides by tcpm-kmod

The goal is to loop through every file on the server, check if each file or dir has the 'groupA' group in the permissions. If the 'groupA' group is in the permissions, change it to 'groupB'. Otherwise leave it as is. I would really like to use the setfacl command but am coming up short. Got the closest with the code below. Please help

/ -group groupA -exec chown groupB '{}' '+'

Does any version of the chgrp command have a -p option? If so, what does the -p option do? I am aware of the -P option. Example usage: chgrp -p folder group where folder is a folder and group a group.

I just copied all the files/subdirectories in my home directory to another user's home directory. Then I did a recursive chown on his home directory, so that he became the owner of all his files/subdirectories. The last thing I need to do is a recursive chgrp on his home directory, so that his username will be the group for all his files/subdirectories, instead of my username. The issue is that there are a couple of subdirectories whose group is "docker". Inside these subdirectories, there are some files/directories whose group is my username, and some other files/directories whose group is "docker". How do I recursively run chgrp on his home directory so that every single file/subdirectory whose group is my username gets changed to his username, but every single file/subdirectory whose group is "docker" stays "docker"?

I have a group called homeperms on an Ubuntu system, with a few users: $ cat /etc/group | grep "homeperms" homeperms:x:1004:jorik,tim.wijma,vanveenjorik,jorik_c And I've done $ sudo chgrp -R homeperms /home. But when I try to md /home/flask. I get a permission denied error (Happens with any other folder name too). I don't want to 777 the folders since I'm going to be dealing with web server stuff. Permissions of home in / drwxr-xr-x 12 vanveenjorik homeperms 4096 Jul 6 09:06 home permissions inside /home: drwxr-xr-x 6 vanveenjorik homeperms 4096 Jul 3 20:08 19150 drwxr-xr-x 3 codeanywhere-ssh-key homeperms 4096 Jul 6 08:00 codeanywhere-ssh-key drwxr-xr-x 2 vanveenjorik homeperms 4096 Jul 6 09:13 downloads drwxr-xr-x 5 vanveenjorik homeperms 4096 Jul 4 08:43 jorik drwxr-xr-x 4 jorik_c homeperms 4096 Jul 6 08:09 jorik_c drwxrwxr-x 4 vanveenjorik homeperms 4096 Jul 3 20:15 mkdir_python drwxr-xr-x 5 vanveenjorik homeperms 4096 Jul 4 09:09 tim.wijma drwxr-xr-x 3 vanveenjorik homeperms 4096 Jul 3 18:20 ubuntu drwxr-xr-x 5 vanveenjorik homeperms 4096 Jul 4 09:27 vanveenjorik drwxrwxr-x 3 vanveenjorik homeperms 4096 Jul 3 22:28 venvs I am trying to do this on the user 'jorik_c' and with sudo this (of course) works flawlessly Before this gets marked as duplicate, the answer to this question , didn't help.

I am a beginner here at unix administration. When we create a Unix user, we get a home directory for the user. Inside the home directory i.e ~/ for all the files and directories that we create, what is the use of setting the file permissions? As what I understand is the owner will always be the user and the home directory purpose is to isolate the files and directories for that user. So, when no other user except the root can log in to the user's home directory, what is the user to give the group permissions for the files inside the home directory for the user. Am I missing something here?

When using chgrp or chown I see zero used quite frequently as the named group or user, instead of root. Is there a preference for either? And in what use case is the numeric arg preferable?

I created a directory, which is owned by the www-data group. I would like to make the files in it writeable by the members of the group, no matter who created the file. My username is pi. I tried it like this:

mkdir ./shared
sudo chown pi ./shared
sudo chgrp www-data ./shared
sudo chmod -R 770 ./shared
sudo chmod g+sw ./shared

If I check it with ls -l, it looks like this:

drwxrws--- 2 pi   www-data 4096 sept 28 17:10  shared

I created a new file in it:

cd ./shared
touch ./test.txt

But if I check, the group has no write right for the new test.txt

-rw-r--r-- 1 pi www-data 0 sept 28 17:10 test.txt

What do I wrong? I can not run sudo chmod -R 770 ./shared each time, a new file is created in the directory by a script/webserver. How is it possible to create a shared directory, where both the owner and the group members have read and write rights for the files, regardless who created a specific file?

I am logged under 'achille' achille belongs to 2 groups: groups achille achille: achille users I want to change the group owner of file 'tree.test' to group 'users' ls -l tree.test -rw-r--r--. 1 achille achille 2512881 Dec 1 11:53 tree.test I have got full control over my home dir: ls -ld $HOME drwx------. 15 achille achille 4096 Dec 10 11:51 /home/achille I try: chown :users tree.test chown: changing group of 'tree.test': Operation not permitted I try: chgrp users tree.test chgrp: changing group of 'tree.test': Operation not permitted ok, so I decide to have as primary group the group 'users' usermod command is available to achille, so I use it (right?): usermod -g users achille usermod: Permission denied. usermod: cannot lock /etc/passwd; try again later I log as root to perform this operation (changing primary group) su - password: then usermod -g users achille and check it out: id -gn achille users then ctrl + D to log back to achille the file finally belongs to groups 'users' but the result is bad because my home dir and all files/dirs inside also belong to group users. I finally found a way (without beeing logged as root) with newgrp command: newgrp users id -gn users touch file0 file0 will have users as group owner but it looks like newgrp works as long as achille belongs to the group you want to change to otherwise you 've got this error message: newgrp games Password: (what password to put here?) newgrp: failed to crypt password with previous salt: Invalid argument ???? so now I am just wondering (and asking), if chgrp,chown,usermod are worth keeping in tools bag beeing an unprivileged user. thanx folks!

I have a strange behaviour with a shared NAS between multiple hosts. Every host reaches a shared folder mounted on /sharedfolder on the same source (##.###.###.###:/filesystem, where ## are the numbers of the original ip address). On the **Host1** is shown the group httpd on the folder /sharedfolder, but on the Host2 is shown mygroup for the same resources. How's possible and what should I do in order to obtain the same group information on each host? **Host1:** [myuser@host1 sharedfolder]$ df -h File system Dim. Usati Dispon. Uso% Montato su /dev/mapper/vg_root-lv_root 97G 4,4G 93G 5% / devtmpfs 2,0G 0 2,0G 0% /dev tmpfs 2,0G 0 2,0G 0% /dev/shm tmpfs 2,0G 84M 1,9G 5% /run tmpfs 2,0G 0 2,0G 0% /sys/fs/cgroup /dev/sda1 1014M 130M 885M 13% /boot ##.###.###.###:/filesystem 61G 3,0G 58G 5% /sharedfolder tmpfs 395M 0 395M 0% /run/user/1001 [myuser@host1 ~]$ cd /sharedfolder/ [myuser@host1 sharedfolder]$ ll totale 16 drwxrwxr-x 3 root httpd 4096 4 dic 10.50 folder1 drwxrwxr-x 2 myuser httpd 4096 29 apr 16.49 folder2 drwxrwxr-x 5 root httpd 4096 13 feb 23.09 folder3 drwxrwxr-x 3 myuser httpd 4096 21 apr 15.12 folder4 **Host2:** [myuser@host2 ~]$ df -h File system Dim. Usati Dispon. Uso% Montato su /dev/mapper/vg_root-lv_root 97G 45G 53G 46% / devtmpfs 7,9G 0 7,9G 0% /dev tmpfs 7,9G 0 7,9G 0% /dev/shm tmpfs 7,9G 76M 7,8G 1% /run tmpfs 7,9G 0 7,9G 0% /sys/fs/cgroup /dev/sda1 1014M 130M 885M 13% /boot ##.###.###.###:/filesystem 61G 3,0G 58G 5% /sharedfolder tmpfs 1,6G 0 1,6G 0% /run/user/0 /dev/mapper/vg_fs-lv_fs 400G 295G 106G 74% /anothervolume tmpfs 1,6G 0 1,6G 0% /run/user/1001 [myuser@host2 ~]$ cd /sharedfolder/ [myuser@host2 sharedfolder]$ ll totale 16 drwxrwxr-x 3 root mygroup 4096 4 dic 10.50 folder1 drwxrwxr-x 2 myuser mygroup 4096 29 apr 16.49 folder2 drwxrwxr-x 5 root mygroup 4096 13 feb 23.09 folder3 drwxrwxr-x 3 myuser mygroup 4096 21 apr 15.12 folder4

On our file server, we are using a bunch of Linux groups that are still in use and need to be replaced by their counterparts in AD. The groups in AD and /etc/groups have an identical name, so, (I'm guessing?) chgrp won't really be of much use here. My question is this: What's the best way of changing the group ownership of specific files on our file server to point to the groups in AD instead of the Linux groups? I was thinking of possibly changing by GID instead of group names, but that just seems like a recipe for disaster.

Few days ago i have installed elasticsearch, For diagnosing some problems on my elasticsearch setup, i have checked the logs files located in /var/log/elasticsearch and tailed them but apparently the directory's owner is elasticsearch and the group is elasticsearch, therefore i have resolved it by switching to root and apply the tail (not an elegant way). Now I would like to write a simple script to tail those files (I'm using tmux), Does anybody has a suggestion how to overcome the the privileges issue while using a script? I prefer keeping the ownership to elasticsearch user.

Is there any difference between mounting a filesystem with gid=501 mount option vs chgrp 501 $fs after it's mounted? I want to know if mounting with gid mount option buys me anything that chgrp (as root) on the filesystem after mounting doesn't. I dont think it matters, but this is debugfs on a recent 3.x kernel.

I am analyzing one script and I cannot find online what chgrp 0 mean in the following line: find $1 -follow -exec chgrp 0 {} so find $1 takes parameter, -follow causes find to follow symlinks, -exec executes the command, chgrp 0 change group ownership, **but what 0 do?**, {} for all items found by the find command. Please correct me if I am wrong with something.

I have a Ubuntu 16.04 Nginx server environment with several CMS (WordPress) websites under document root. All the site directories have www-data as owner and group, recursively. --- According to some security consultation I got, this is problematic because data from one site could alter any other adjacent site (for example, a malicious module installed in one the CMSs of one of the sites). I assume that the solution would be to change this command which I always run after adding a new site (and also in cron after updates that change owner and group): chown -R www-data:www-data /var/www/html/* To some conditional command that changes these characteristics not just to www-data but to the actual name of the site dir. To clarify, the owner of each site dir should be domain.tld and the group should also be domain.tld (I always name site dirs as per the site's domain.tld). What could be such a conditional command? --- Note: The Nginx user as well as the dir /var/www/html/ will both stay with www-data:www-data. ## Update for G-Man: I have yet to test but I think this is good if you pass ${domain} as the first argument for a variable ($1): chown -R ${domain}:${domain} ${domain}/* Though I'd keep it: chown -R ${domain}:www-data ${domain}/* Of course, adduser ${domain} --disabled-password --disabled-login is needed before, if wasn't done.