Allow to share files between users on the same machine : Blueprints : Ubuntu

<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> <head> <base href="https://blueprints.launchpad.net/ubuntu/+spec/local-file-share/+index" /> <meta charset="UTF-8" /> <title>Allow to share files between users on the same machine : Blueprints : Ubuntu</title> <link rel="apple-touch-icon" sizes="180x180" href="/@@/apple-touch-icon.png?v=2022" /> <link rel="icon" type="image/png" sizes="32x32" href="/@@/favicon-32x32.png?v=2022" /> <link rel="icon" type="image/png" sizes="16x16" href="/@@/favicon-16x16.png?v=2022" /> <link rel="manifest" href="/@@/site.webmanifest?v=2022" /> <link rel="mask-icon" href="/@@/safari-pinned-tab.svg?v=2022" color="#e9531f" /> <link rel="shortcut icon" href="/@@/favicon.ico?v=2022" /> <meta name="msapplication-TileColor" content="#da532c" /> <meta name="msapplication-config" content="/@@/browserconfig.xml?v=2022" /> <meta name="theme-color" content="#ffffff" /> <link type="text/css" rel="stylesheet" media="screen, print" href="/+icing/revaa29ae0fff49e4e804b39147c9f259d2fb023199/combo.css" /> <meta name="description" content="At the time, there's absolutely no easy way for a user to give a file to another user on the same computer: you'd better use an email. It would be nice to add a "Shared folder" common to all physical users of the system, that would be used in home desktops: you should be able to copy a file to there and another to read/edit it. In an improved version (to overdo Windows here), we could create folders to share files exclusively with one user. On desktops, with typically < 5 users, this is not a..." /> <meta property="og:description" content="At the time, there's absolutely no easy way for a user to give a file to another user on the same computer: you'd better use an email. It would be nice to add a "Shared folder" common to all physical users of the system, that would be used in home desktops: you should be able to copy a file to there and another to read/edit it. In an improved version (to overdo Windows here), we could create folders to share files exclusively with one user. On desktops, with typically < 5 users, this is not a..." /> <meta property="og:title" content="Allow to share files between users on the same machine : Blueprints : Ubuntu" /> <meta property="og:type" content="website" /> <meta property="og:image" content="/@@/launchpad-og-image.png" /> <meta property="og:url" content="https://blueprints.launchpad.net/ubuntu/+spec/local-file-share/+index" /> <meta property="og:site_name" content="Launchpad" /> <script type="text/javascript"> var LP = { cache: {}, links: {} }; </script> <script type="text/javascript">var cookie_scope = '; Path=/; Secure; Domain=.launchpad.net';</script> <script type="text/javascript" src="/+combo/revaa29ae0fff49e4e804b39147c9f259d2fb023199/?yui/yui/yui-min.js&lp/meta.js&yui/loader/loader-min.js"></script> <script type="text/javascript"> var raw = null; if (LP.devmode) { raw = 'raw'; } YUI.GlobalConfig = { combine: true, comboBase: '/+combo/revaa29ae0fff49e4e804b39147c9f259d2fb023199/?', root: 'yui/', filter: raw, debug: false, fetchCSS: false, maxURLLength: 2000, groups: { lp: { combine: true, base: '/+combo/revaa29ae0fff49e4e804b39147c9f259d2fb023199/?lp/', comboBase: '/+combo/revaa29ae0fff49e4e804b39147c9f259d2fb023199/?', root: 'lp/', // comes from including lp/meta.js modules: LP_MODULES, fetchCSS: false } } }</script> <script type="text/javascript"> // we need this to create a single YUI instance all events and code // talks across. All instances of YUI().use should be based off of // LPJS instead. var LPJS = new YUI(); </script> <script id="base-layout-load-scripts" type="text/javascript"> //<![CDATA[ LPJS.use('base', 'node', 'console', 'event', 'oop', 'lp', 'lp.app.foldables','lp.app.sorttable', 'lp.app.inlinehelp', 'lp.app.links', 'lp.bugs.bugtask_index', 'lp.bugs.subscribers', 'lp.app.ellipsis', 'lp.code.branchmergeproposal.diff', 'lp.views.global', function(Y) { Y.on("domready", function () { var global_view = new Y.lp.views.Global(); global_view.render(); Y.lp.app.sorttable.SortTable.init(); Y.lp.app.inlinehelp.init_help(); Y.lp.activate_collapsibles(); Y.lp.app.foldables.activate(); Y.lp.app.links.check_valid_lp_links(); }); Y.on('lp:context:web_link:changed', function(e) { window.location = e.new_value; }); }); //]]> </script> <script id="base-helper-functions" type="text/javascript"> //<![CDATA[ // This code is pulled from lp.js that needs to be available on every // request. Pulling here to get it outside the scope of the YUI block. function setFocusByName(name) { // Focus the first element matching the given name which can be focused. var nodes = document.getElementsByName(name); var i, node; for (i = 0; i < nodes.length; i++) { node = nodes[i]; if (node.focus) { try { // Trying to focus a hidden element throws an error in IE8. if (node.offsetHeight !== 0) { node.focus(); } } catch (e) { LPJS.use('console', function(Y) { Y.log('In setFocusByName(<' + node.tagName + ' type=' + node.type + '>): ' + e); }); } break; } } } function selectWidget(widget_name, event) { if (event && (event.keyCode === 9 || event.keyCode === 13)) { // Avoid firing if user is tabbing through or simply pressing // enter to submit the form. return; } document.getElementById(widget_name).checked = true; } //]]> </script> <style type="text/css"> #implementation div.yui3-ichoicesource { display: inline; } </style> </head> <body id="document" itemscope="" itemtype="http://schema.org/WebPage" class="tab-specifications main_side public yui3-skin-sam"> <div class="yui-d0"> <div id="locationbar" class="login-logout"> <div id="logincontrol"><a href="https://blueprints.launchpad.net/ubuntu/+spec/local-file-share/+login">Log in / Register</a></div> </div> <div id="watermark" class="watermark-apps-portlet"> <div> <a href="https://launchpad.net/ubuntu"><img alt="" width="64" height="64" src="https://launchpadlibrarian.net/606381979/CoF%2064px.png" /></a> </div> <div class="wide"> <h2 id="watermark-heading"><a href="https://launchpad.net/ubuntu">Ubuntu</a></h2> </div>  <ul class="facetmenu"> <li class="overview"><a href="https://launchpad.net/ubuntu">Overview</a></li> <li class="branches"><a href="https://code.launchpad.net/ubuntu">Code</a></li> <li class="bugs"><a href="https://bugs.launchpad.net/ubuntu">Bugs</a></li> <li class="specifications active"><a href="https://blueprints.launchpad.net/ubuntu">Blueprints</a></li> <li class="translations"><a href="https://translations.launchpad.net/ubuntu">Translations</a></li> <li class="answers"><a href="https://answers.launchpad.net/ubuntu">Answers</a></li> </ul> </div> <div class="yui-t4"> <div id="maincontent" class="yui-main"> <div class="yui-b" dir="ltr"> <div class="context-publication"> <h1 id="edit-title"> <span class="yui3-editable_text-text ellipsis" style="max-width: 95%;"> Allow to share files between users on the same machine </span> </h1> <div id="registration" class="registering"> Registered by <a href="https://launchpad.net/~nalimilan" class="sprite person">Milan Bouchet-Valat</a> <time title="2007-10-27 15:31:46 UTC" datetime="2007-10-27T15:31:46.772231+00:00">on 2007-10-27</time> </div> </div> <div id="request-notifications"> </div> <div> <div id="maincontentsub"> <div class="top-portlet"> <div> <div class="lazr-multiline-edit" id="edit-summary"> <div class="clearfix"> </div> <div class="yui3-editable_text-text"><p>At the time, there's absolutely no easy way for a user to give a file to another user on the same computer: you'd better use an email. It would be nice to add a "Shared folder" common to all physical users of the system, that would be used in home desktops: you should be able to copy a file to there and another to read/edit it. In an improved version (to overdo Windows here), we could create folders to share files exclusively with one user. On desktops, with typically < 5 users, this is not an issue: in Places -> Computer, there is perfectly fit space for it.</p> <p>On the technical side, it appears that default permissions management is not able to do that out of the box. ACLs allow an option (setfacl -d) to keep the permissions of the parent folders for the files created within; though, copying a file won't work (AFAIK and without tricks). A solution would be to use a script to change the permissions every time a file is updated (using dbus and inotify?).</p></div> </div> </div> <ul class="horizontal"> <li id="spec-url"> <a class="sprite external-link" rel="nofollow" href="https://wiki.ubuntu.com/LocalFileShare">Read the full specification</a> </li> </ul> </div> <div class="yui-g"> <div class="portlet"> <h2>Blueprint information</h2> <div class="yui-u first"> <div class="two-column-list"> <dl> <dt>Status:</dt> <dd id="lifecycle-status">Not started</dd> </dl> <dl> <dt>Approver:</dt> <dd> <span id="edit-approver"> <span class="yui3-activator-data-box"> None </span> </span> </dd> </dl> <dl> <dt>Priority:</dt> <dd><span id="edit-priority"> <span class="value specpriorityUNDEFINED">Undefined</span> </span> </dd> </dl> <dl> <dt>Drafter:</dt> <dd> <span id="edit-drafter"> <span class="yui3-activator-data-box"> None </span> </span> </dd> </dl> <dl> <dt>Direction:</dt> <dd><span id="edit-direction_approved"> <span class="value">Needs approval</span> </span> </dd> </dl> <dl> <dt>Assignee:</dt> <dd> <span id="edit-assignee"> <span class="yui3-activator-data-box"> None </span> </span> </dd> </dl> <dl> <dt>Definition:</dt> <dd><span id="edit-definition_status"> <span class="value specstatusDISCUSSION">Discussion</span> </span> </dd> </dl> <dl id="series-goal"> <dt>Series goal:</dt> <dd> None </dd> </dl> <dl> <dt>Implementation:</dt> <dd id="implementation"> <img src="/@@/info" alt="Informational" title="Informational blueprint, no implementation necessary" id="informational-icon" class="hidden" /> <span id="edit-implementation_status"> <span class="value specdeliveryNOTSTARTED">Not started</span> </span> </dd> </dl> <dl id="milestone-target"> <dt>Milestone target:</dt> <dd> None </dd> </dl> <dl id="started-by" class="hidden"> <dt>Started by</dt> <dd> </dd> </dl> <dl id="completed-by" class="hidden"> <dt>Completed by</dt> <dd> </dd> </dl> </div> </div> <div class="yui-u"> <div id="linked_branches"> <h3>Related branches</h3> </div> <div id="bug_links"> <h3>Related bugs</h3> <ul class="horizontal"> </ul> </div> <div> <h3>Sprints</h3> <ul> <li> <span><img src="/@@/maybe" alt="Proposed" title="Proposed for discussion at the meeting" /></span> <a href="/sprints/uds-boston-2007">uds-boston-2007</a> </li> </ul> <ul class="horizontal"> </ul> </div> </div> </div> </div> <div class="portlet"> <div class="wide"><div> <div class="lazr-multiline-edit" id="edit-whiteboard"> <div class="clearfix"> <h3>Whiteboard</h3> </div> <div class="yui3-editable_text-text"><p>Note that the blueprints' saying that "there's absolutely no easy way for a user to give a file to another user on the same computer" is only true with the current ubuntu configuration, but is not true, and has never been true for unix/linux systems in general for decades. Unix directories can get set up with a proper scheme, during install, and user/group addition/deletion.</p> <p>For a short overview refer to <a rel="nofollow" href="https://wiki.ubuntu.com/MultiUserManagement">https:/<wbr />/wiki.ubuntu.<wbr />com/MultiUserMa<wbr />nagement</a></p> <p>The UPG scheme provides a well working method without requiring ACLs at all, for users to collaborate. Unix/linux allows to define many groups, with different sets of users, and access to files is determined by the file location, i.e. in what group directory a file is put. Yes, standard file permission only allows "u-g-o", but this is enough to define an arbitrary number of group directories and users belonging to multiple different groups to use them without any hassle. Please read up on the UPG scheme.</p> <p>----</p> <p>ceg: The following apperently was an addition from someone who has not known and understood the user privat groups (UPG) scheme at all, and is not familliar with how multi-user linux systems can be set up properly. (non-existing arbitrary limits, wrong examples, etc.):</p> <p>----</p> <p>Bib: how to have the whole tree TREE writable by group1, read/browse only by group2, and no access by others?</p> <p>ceg: While using only standard file permissions does not allow for ACL features, the standard permission system allows quite bit if you know how to use them. (Same with ACLs or mostly anything.)</p> <p>Your example sounds common for webservers and may be solved with "lock" directories as parent to the group directory, or bind mounting files into different group dirs.<br /> <a rel="nofollow" href="https://wiki.debian.org/UserPrivateGroups#When_User_Private_Groups_Cannot_Be_Used">https:/<wbr />/wiki.debian.<wbr />org/UserPrivate<wbr />Groups#<wbr />When_User_<wbr />Private_<wbr />Groups_<wbr />Cannot_<wbr />Be_Used</a><br /> Even if not and the long-standing solutions are not that known/obvious to ubuntu, ubuntu has no reason to wait for ACLs getting fixed, but can configure proper UPG and group dir handling.</p> <p>----</p> <p>Bib: The above comment lets think that default permissions management allows having 2 different groups for a __single__ file|dir in the aim to get this example: g=srwx,g2=rx,o=---.<br /> AFAIK only u-g-o is possible, not u-g-g2-gn-o. As stated in the 2nd paragraph of this very blueprint, only ACL could do this if they worked as intended, i.e. if e.g cp would respect any default acl __when it meets one__. This is very clear.<br /> A workaround would be something with inotify|dbus as already stated... another (ugly) one would be a cron job searching for new files|dir in the tree since last run, and applying the default acl of the parent of each.</p> <p>----</p> <p>Bib: So now, let's admit 4 users is the de facto, non arbitrary, upper limit for a desktop... I know a friend of mine having 4 children and not reach enough to buy a second computer. Even if he could, all 6 family members couldn't have their own login account in each computer (this would break the magical 4 limit).<br /> The "refer ...MultiUserMan<wbr />agement" finds its limit too:<br /> /srv/FamilyData:<br /> group1 mum-dad => rwx<br /> group2 kids => r-x<br /> others => --- (think to guest)<br /> /srv/FamilyData<wbr />/Entertaiment:<br /> group1 mum-dad => rwx<br /> group2 kids => rwx<br /> others => ---<br /> /srv/FamilyData<wbr />/ParentsPrivate<br /> group1 mum-dad => rwx<br /> group2 kids => ---<br /> others => ---</p> <p>Because of cp/mv breaking acl automatic inheritance, acl are of no help here, just broken, making the whole OS as fun as a fridge or a washing machine. Don't even talk about the files managers.</p> <p>When done, remember 20 years ago: Windows NT4 introduced ntfs with fullfeatured ACL targetted to enterprises. Less than 10 years later they merged the old dos/9x branch, giving up the FAT permissions (single read-only was not a big loss) for the default system FS, giving the ntfs robustness, versatility, granularity into the general public computers. Since XP (even home release), the ACL are around, even if you still beleive the "shares" we had in WFW3.11, then 9x up to w10 are still the same. ACL are underlying: if you don't see them at first glance in "home" products, it is just a commercial restriction. NT4~W10 shares won't work without the acl background.<br /> In the lap time, GNU/Linux prevaricated about ACL, arguing the 1003.1e draft17 is withdrawn.<br /> This blueprint is just in the same state it was 6 years ago when Milan posted it.</p> <p>---</p> <p> Helpful and related links:<br />  * <a rel="nofollow" href="https://wiki.ubuntu.com/MultiUserManagement">https:/<wbr />/wiki.ubuntu.<wbr />com/MultiUserMa<wbr />nagement</a> (UPGs without need for ACLs)<br />  * <a rel="nofollow" href="http://askubuntu.com/questions/14765">http://<wbr />askubuntu.<wbr />com/questions/<wbr />14765</a><br />  * <a rel="nofollow" href="https://help.ubuntu.com/community/Bindfs-SharedDirectoryLocalUsers">https:/<wbr />/help.ubuntu.<wbr />com/community/<wbr />Bindfs-<wbr />SharedDirectory<wbr />LocalUsers</a><br />  * <a rel="nofollow" href="https://help.ubuntu.com/community/UbuntuLTSP/ACLSupport">https:/<wbr />/help.ubuntu.<wbr />com/community/<wbr />UbuntuLTSP/<wbr />ACLSupport</a> (8.04 only)<br />  * <a rel="nofollow" href="https://help.ubuntu.com/community/FilePermissionsACLs">https:/<wbr />/help.ubuntu.<wbr />com/community/<wbr />FilePermissions<wbr />ACLs</a> (note link to ACL bug <a rel="nofollow" href="http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8527">http://<wbr />debbugs.<wbr />gnu.org/<wbr />cgi/bugreport.<wbr />cgi?bug=<wbr />8527</a> )</p></div> </div> </div> </div> </div> <div class="portlet"> <a href="/+help-blueprints/workitems-help.html" target="help" class="sprite maybe action-icon">(?)</a> <div class="wide"><div> <div class="lazr-multiline-edit" id="edit-workitems_text"> <div class="clearfix"> <h3>Work Items</h3> </div> <div class="yui3-editable_text-text"></div> </div> </div> </div> </div> <div class="portlet"> <ul class="horizontal"> </ul> </div> </div> <script type="text/javascript"> LPJS.use('lp.anim', 'lp.client', 'lp.deprecated.ui', 'lp.app.information_type', 'node', 'widget', function(Y) { Y.on('domready', function(){ var privacy_link = Y.one('#privacy-link'); Y.lp.app.information_type.setup_choice( privacy_link, new Y.lp.client.Launchpad(), LP.cache.context); }); Y.on('lp:context:implementation_status:changed', function(e) { var icon = Y.one('#informational-icon'); if (e.new_value == 'Informational') { icon.removeClass('hidden'); } else { icon.addClass('hidden'); } }); Y.on('lp:context:lifecycle_status:changed', function(e) { Y.lp.deprecated.ui.update_field('#lifecycle-status', e.new_value); }); Y.on('lp:context:is_started:changed', function(e) { var started = Y.one('#started-by'); if (e.new_value) { started.removeClass('hidden'); started.one('dd').setContent(e.entry.getHTML('starter')); Y.lp.anim.green_flash({node:started}).run(); } else { started.addClass('hidden'); } }); Y.on('lp:context:is_complete:changed', function(e) { var completed = Y.one('#completed-by'); if (e.new_value) { completed.removeClass('hidden'); completed.one('dd').setContent(e.entry.getHTML('completer')); Y.lp.anim.green_flash({node:completed}).run(); } else { completed.addClass('hidden'); } }); Y.on('lp:context:title:changed', function(e) { // change the window title and breadcrumb. Y.lp.deprecated.ui.update_field('ol.breadcrumbs li:last-child', e.new_value); var title = window.document.title; title = e.new_value + title.substring(e.old_value.length); window.document.title = title; }); // Watch for the whiteboard for edit mode so we can show/hide a // message to the user to make sure not to put work items in there. var whiteboard_node = Y.one('#edit-whiteboard'); var whiteboard = Y.Widget.getByNode(whiteboard_node); var notice_node = Y.Node.create('<p/>'); notice_node.set('id', 'wimessage'); notice_node.addClass('informational message'); notice_node.setContent('Please note that work items go in the separate Work Items input field below.'); whiteboard.editor.on('visibleChange', function (ev) { var par = whiteboard_node.get('parentNode'); // If we're visible, show the message if (ev.newVal) { par.insertBefore(notice_node, whiteboard_node); } else { // Otherwise we need to remove the node par.removeChild(notice_node) } }); }); </script> </div> </div> </div> <div id="side-portlets" class="yui-b side"> <div id="privacy" class="portlet public"> <div id="privacy-text"> <span id="information-type-summary" class="sprite public">This blueprint contains <strong id="information-type">Public</strong> information</span>  <div id="information-type-description" style="padding-top: 5px">Everyone can see this information. </div> </div> </div> <div class="portlet vertical" id="portlet-subscribers"> <div class="section"> <div class="subscribed-false"><a class="menu-link-subscription sprite modify edit" href="https://blueprints.launchpad.net/ubuntu/+spec/local-file-share/+subscribe">Edit subscription</a></div> <div><a class="menu-link-addsubscriber sprite add" href="https://blueprints.launchpad.net/ubuntu/+spec/local-file-share/+addsubscriber">Subscribe someone else</a></div> </div> <div id="subscribers"> <h2>Subscribers</h2> <div id="subscribers-links"> <div class="subscriber-1707933 subscriber" id="subscription-subscriber-1707933"> <img src="/@@/subscriber-inessential" /> <a href="/~ye-gorshkov">atany</a> </div> <div class="subscriber-3752159 subscriber" id="subscription-subscriber-3752159"> <img src="/@@/subscriber-inessential" /> <a href="/~beat-jaeckle">Beat J盲ckle</a> </div> <div class="subscriber-2495891 subscriber" id="subscription-subscriber-2495891"> <img src="/@@/subscriber-inessential" /> <a href="/~bybeu">Bib</a> </div> <div class="subscriber-1898487 subscriber" id="subscription-subscriber-1898487"> <img src="/@@/subscriber-essential" /> <a href="/~companheiro-vermelho">Bolche</a> </div> <div class="subscriber-513235 subscriber" id="subscription-subscriber-513235"> <img src="/@@/subscriber-inessential" /> <a href="/~ceg">ceg</a> </div> <div class="subscriber-3096818 subscriber" id="subscription-subscriber-3096818"> <img src="/@@/subscriber-essential" /> <a href="/~dkotrada">dkotrada</a> </div> <div class="subscriber-2461773 subscriber" id="subscription-subscriber-2461773"> <img src="/@@/subscriber-essential" /> <a href="/~eric-carvalho">Eric Carvalho</a> </div> <div class="subscriber-3107328 subscriber" id="subscription-subscriber-3107328"> <img src="/@@/subscriber-essential" /> <a href="/~estebanknobl">Esteban Kn枚bl</a> </div> <div class="subscriber-15061 subscriber" id="subscription-subscriber-15061"> <img src="/@@/subscriber-inessential" /> <a href="/~hgibson">Hilton Gibson</a> </div> <div class="subscriber-245211 subscriber" id="subscription-subscriber-245211"> <img src="/@@/subscriber-inessential" /> <a href="/~jeremy.vies">Jeremy Vies</a> </div> <div class="subscriber-1508771 subscriber" id="subscription-subscriber-1508771"> <img src="/@@/subscriber-inessential" /> <a href="/~skfd">Konstantin Konev</a> </div> <div class="subscriber-1730999 subscriber" id="subscription-subscriber-1730999"> <img src="/@@/subscriber-inessential" /> <a href="/~koshy">Marc D.</a> </div> <div class="subscriber-1837093 subscriber" id="subscription-subscriber-1837093"> <img src="/@@/subscriber-inessential" /> <a href="/~papukaija">papukaija</a> </div> <div class="subscriber-3576820 subscriber" id="subscription-subscriber-3576820"> <img src="/@@/subscriber-inessential" /> <a href="/~rc-bad8082">rc_bad8082</a> </div> <div class="subscriber-3226610 subscriber" id="subscription-subscriber-3226610"> <img src="/@@/subscriber-inessential" /> <a href="/~takkat-nebuk">Takkat</a> </div> </div> </div> </div> </div> </div> <div id="footer" class="footer"> <div class="lp-arcana"> <div class="lp-branding"> <a href="https://launchpad.net/"><img src="/@@/launchpad-footer-logo.svg" alt="Launchpad" width="65" height="18" /></a>  •  <a href="https://launchpad.net/+tour">Take the tour</a>  •  <a href="https://help.launchpad.net/">Read the guide</a>   <form id="globalsearch" method="get" accept-charset="UTF-8" action="https://launchpad.net/+search"> <input type="search" id="search-text" name="field.text" /> <input type="image" src="/@@/search" style="vertical-align:5%" alt="Search Launchpad" /> </form> </div> </div> <div class="colophon"> © 2004 <a href="http://canonical.com/">Canonical Ltd.</a>  •  <a href="https://launchpad.net/legal">Terms of use</a>  •  <a href="https://www.ubuntu.com/legal/dataprivacy">Data privacy</a>  •  <a href="/feedback">Contact Launchpad Support</a>  •  <a href="http://blog.launchpad.net/">Blog</a>  •  <a href="https://canonical.com/careers">Careers</a>  •  <a href="https://ubuntu.social/@launchpadstatus">System status</a> <span id="lp-version">  •  aa29ae0 (<a href="https://dev.launchpad.net/">Get the code!</a>) </span> </div> </div> </div> <script id="json-cache-script">LP.cache = {"related_features": {}, "information_type_data": {"PUBLIC": {"value": "PUBLIC", "description": "Everyone can see this information.\n", "name": "Public", "order": 0, "is_private": false, "description_css_class": "choice-description"}}, "context": {"self_link": "https://blueprints.launchpad.net/api/devel/ubuntu/+spec/local-file-share", "web_link": "https://blueprints.launchpad.net/ubuntu/+spec/local-file-share", "resource_type_link": "https://blueprints.launchpad.net/api/devel/#specification", "bugs_collection_link": "https://blueprints.launchpad.net/api/devel/ubuntu/+spec/local-file-share/bugs", "information_type": "Public", "name": "local-file-share", "title": "Allow to share files between users on the same machine", "specification_url": "https://wiki.ubuntu.com/LocalFileShare", "summary": "At the time, there's absolutely no easy way for a user to give a file to another user on the same computer: you'd better use an email. It would be nice to add a \"Shared folder\" common to all physical users of the system, that would be used in home desktops: you should be able to copy a file to there and another to read/edit it. In an improved version (to overdo Windows here), we could create folders to share files exclusively with one user. On desktops, with typically \u003c 5 users, this is not an issue: in Places -\u003e Computer, there is perfectly fit space for it.\n\nOn the technical side, it appears that default permissions management is not able to do that out of the box. ACLs allow an option (setfacl -d) to keep the permissions of the parent folders for the files created within; though, copying a file won't work (AFAIK and without tricks). A solution would be to use a script to change the permissions every time a file is updated (using dbus and inotify?).", "definition_status": "Discussion", "assignee_link": null, "drafter_link": null, "approver_link": null, "priority": "Undefined", "date_created": "2007-10-27T15:31:46.772231+00:00", "owner_link": "https://blueprints.launchpad.net/api/devel/~nalimilan", "target_link": "https://blueprints.launchpad.net/api/devel/ubuntu", "milestone_link": null, "whiteboard": "Note that the blueprints' saying that \"there's absolutely no easy way for a user to give a file to another user on the same computer\" is only true with the current ubuntu configuration, but is not true, and has never been true for unix/linux systems in general for decades. Unix directories can get set up with a proper scheme, during install, and user/group addition/deletion.\n\nFor a short overview refer to https://wiki.ubuntu.com/MultiUserManagement\n\nThe UPG scheme provides a well working method without requiring ACLs at all, for users to collaborate. Unix/linux allows to define many groups, with different sets of users, and access to files is determined by the file location, i.e. in what group directory a file is put. Yes, standard file permission only allows \"u-g-o\", but this is enough to define an arbitrary number of group directories and users belonging to multiple different groups to use them without any hassle. Please read up on the UPG scheme.\n\n----\n\nceg: The following apperently was an addition from someone who has not known and understood the user privat groups (UPG) scheme at all, and is not familliar with how multi-user linux systems can be set up properly. (non-existing arbitrary limits, wrong examples, etc.):\n\n----\n\nBib: how to have the whole tree TREE writable by group1, read/browse only by group2, and no access by others?\n\nceg: While using only standard file permissions does not allow for ACL features, the standard permission system allows quite bit if you know how to use them. (Same with ACLs or mostly anything.)\n\nYour example sounds common for webservers and may be solved with \"lock\" directories as parent to the group directory, or bind mounting files into different group dirs. \nhttps://wiki.debian.org/UserPrivateGroups#When_User_Private_Groups_Cannot_Be_Used\nEven if not and the long-standing solutions are not that known/obvious to ubuntu, ubuntu has no reason to wait for ACLs getting fixed, but can configure proper UPG and group dir handling.\n\n----\n\nBib: The above comment lets think that default permissions management allows having 2 different groups for a __single__ file|dir in the aim to get this example: g=srwx,g2=rx,o=---.\nAFAIK only u-g-o is possible, not u-g-g2-gn-o. As stated in the 2nd paragraph of this very blueprint, only ACL could do this if they worked as intended, i.e. if e.g cp would respect any default acl __when it meets one__. This is very clear.\nA workaround would be something with inotify|dbus as already stated... another (ugly) one would be a cron job searching for new files|dir in the tree since last run, and applying the default acl of the parent of each.\n\n\n----\n\nBib: So now, let's admit 4 users is the de facto, non arbitrary, upper limit for a desktop... I know a friend of mine having 4 children and not reach enough to buy a second computer. Even if he could, all 6 family members couldn't have their own login account in each computer (this would break the magical 4 limit).\nThe \"refer ...MultiUserManagement\" finds its limit too:\n/srv/FamilyData:\ngroup1 mum-dad =\u003e rwx\ngroup2 kids =\u003e r-x\nothers =\u003e --- (think to guest)\n/srv/FamilyData/Entertaiment:\ngroup1 mum-dad =\u003e rwx\ngroup2 kids =\u003e rwx\nothers =\u003e ---\n/srv/FamilyData/ParentsPrivate\ngroup1 mum-dad =\u003e rwx\ngroup2 kids =\u003e ---\nothers =\u003e ---\n\nBecause of cp/mv breaking acl automatic inheritance, acl are of no help here, just broken, making the whole OS as fun as a fridge or a washing machine. Don't even talk about the files managers.\n\nWhen done, remember 20 years ago: Windows NT4 introduced ntfs with fullfeatured ACL targetted to enterprises. Less than 10 years later they merged the old dos/9x branch, giving up the FAT permissions (single read-only was not a big loss) for the default system FS, giving the ntfs robustness, versatility, granularity into the general public computers. Since XP (even home release), the ACL are around, even if you still beleive the \"shares\" we had in WFW3.11, then 9x up to w10 are still the same. ACL are underlying: if you don't see them at first glance in \"home\" products, it is just a commercial restriction. NT4~W10 shares won't work without the acl background.\nIn the lap time, GNU/Linux prevaricated about ACL, arguing the 1003.1e draft17 is withdrawn.\nThis blueprint is just in the same state it was 6 years ago when Milan posted it.\n\n---\n\n\u00a0Helpful and related links:\n\u00a0* https://wiki.ubuntu.com/MultiUserManagement (UPGs without need for ACLs)\n\u00a0* http://askubuntu.com/questions/14765\n\u00a0* https://help.ubuntu.com/community/Bindfs-SharedDirectoryLocalUsers\n\u00a0* https://help.ubuntu.com/community/UbuntuLTSP/ACLSupport (8.04 only)\n\u00a0* https://help.ubuntu.com/community/FilePermissionsACLs (note link to ACL bug http://debbugs.gnu.org/cgi/bugreport.cgi?bug=8527 )", "workitems_text": "", "direction_approved": false, "implementation_status": "Not started", "starter_link": null, "date_started": null, "completer_link": null, "date_completed": null, "dependencies_collection_link": "https://blueprints.launchpad.net/api/devel/ubuntu/+spec/local-file-share/dependencies", "linked_branches_collection_link": "https://blueprints.launchpad.net/api/devel/ubuntu/+spec/local-file-share/linked_branches", "is_complete": false, "is_started": false, "lifecycle_status": "Not started", "has_accepted_goal": false, "http_etag": "\"40883d3803d6052725edead0f7bd71b8a278c1bd-f13fa8f4cff3470d21da8834e438fcccd4f7b53a\""}};</script> </body>  </html>

CINXE.COM

Allow to share files between users on the same machine : Blueprints : Ubuntu