Mike Leone on 28 Apr 2010 07:53:59 -0700



[PLUG] Some musings on shell scripts and Linux admin 101


So, here's an update, since I was the one who started that long thread 
on shell scripts, which ended up morphing into possible plans for a 
Linux 101 Basics type talk ..

I originally had a need for vendors to FTP me invoices to the FTP server 
on the DMZ, and I needed to have a way to find any new invoices; zip 
them up; delete them; and then somehow transfer the zip into the trusted 
side of the LAN. With the invaluable help of JP Vossen, I have a shell 
script that does all that (some of the command line options of the ssh 
and rsync commands he posted were incorrect, but that's a minor issue). 
What I needed to keep in mind was group permissions ...

When you create a user in Linux, they all seem to get a "primary group" 
of their very own. For example, if I create user Mike, the primary group 
is Mike. No one else is in that group; it's just me. I can add Mike to 
other groups, however.

But consider - when the account FileCollector comes along and tries to 
delete a file in Mike's home directory, it will fail, as FileCollector 
(by default) is in a primary group other than Mike. Even if the file had 
group R/W permissions, it will fail. And by default, when you FTP a file 
in, it gets set to the sending user's primary group.

So I had to change all the vendor accounts to have a primary group that 
is the same as the FileCollector account. This way, any new files also 
have that group setting. And so the script will have to do a recursive 
chmod g+w on the directory tree where the files are stored, to ensure 
that group members have write access, to be able to delete them.

(I'm sure there are other ways; this is the one that involved the least 
work, going forward)

So for my problem, in addition to the shell scripting example posted, I 
need to take Linux group memberships into account, and make sure every 
account was in the same primary group, so the special FileCollector 
account could come along and delete things when it does its housekeeping.

Something to be aware of, perhaps, for a Linux 101 Basics sort of a talk.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
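
An added example, not part of the original post: a pre-flight check for the housekeeping step described above. It lists entries under the upload tree that are not in the collector's group or that lack group write, then adds g+w to regular files and directories only. The path `/srv/ftp/vendors` and the group name `filecollector` are assumptions.

```bash
#!/bin/bash
# Added example (not from the original post). Tree path and group name are
# assumptions; pass your own as arguments.

# Entries under tree $1 whose group is not $2 (name or numeric gid).
wrong_group() {
    find "$1" \( -type f -o -type d \) ! -group "$2" -print
}

# Regular files and directories under $1 without the group-write bit.
# Directories matter most: unlinking a file needs write permission on the
# directory that contains it.
missing_gw() {
    find "$1" \( -type f -o -type d \) ! -perm -020 -print
}

# Add g+w to those entries only. find does not follow symlinks here, so a
# link planted in an upload directory cannot redirect the chmod elsewhere.
fix_gw() {
    find "$1" \( -type f -o -type d \) ! -perm -020 -exec chmod g+w {} +
}

# Usage: ./fix-perms.sh /srv/ftp/vendors filecollector   (both hypothetical)
if [ "$#" -eq 2 ]; then
    echo "Not in group $2:";  wrong_group "$1" "$2"
    echo "Missing g+w:";      missing_gw "$1"
    fix_gw "$1"
fi
```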