This is probably a pretty basic unix questions, but how does one set file permissions per user so that files created by some users can be modified by some other users, but not by others?
Something to do with the umask command?

What I'm trying to accomplish is to set up file permissions so that my kids only have access to files they individually create. while all files/folders can be edited/deleted by me an my wife.

This is probably a pretty basic unix questions, but how does one set file permissions per user so that files created by some users can be modified by some other users, but not by others?
Something to do with the umask command?

What I'm trying to accomplish is to set up file permissions so that my kids only have access to files they individually create. while all files/folders can be edited/deleted by me an my wife.


You'll have to setup some groups. I assume you're using a linux SMB (Samba) server, and your kids will be creating files logged in under their own windows account on a windows pc networked to the linux server?

I'm not sure what you're using for a linux distro, so I'll try to be as generic as possible. I'm also not even close to being any sort of linux guru, so anyone feel free to correct me if I'm saying anything stupid.

First, make a group... something like "parents". Put yours and your wife's (or wives' if you're Mormon) user accounts in that group. Don't put your kids in that group.

Now, edit the properties of the samba share so that all new files created/edited via that share have a permission of "770" and a default group of "parents". This way, the kids cannot access their siblings or parents files, but the parents can access all files created on the share.

One of the drawbacks of doing it this way is that if you edit and save one of your kids files under your own account, they will not have access to it anymore.

Theres the following commands:

chown -- changes the user ownership of a file.
chgrp -- changes the group ownership of the file
chmod -- changes the permissions on the file.

For the chown command, there are the following "bits": w, r, and x, for each of "all", user, and group.

So for example, say you want to grant read/write/execute priviledges on a file to all users, you go:

chmod a+wrx <filename>

or if you want to remove read/write priviledges on a file to the group's users:

chmod g-rw

Obviously the 'x' bit is useless if the 'r' bit is not set -- the shell/kernel cannot execute something that its not allowed to read.

Its a pretty complex area, but understanding permissions, uids, and gids is fundamental to understanding Unix. I suggest you get a book or something.