How do I create a shared mixed access directory under root?

I'm trying to create a directory on the root filesystem that has mixed access levels depending on group. The directory will act as one user's home directory who will have rwx permissions except on certain subfolders whose access will be determined by various groups.

So let's say the directory hierarchy looks like this:

/storage
/storage/www
/storage/documents
/storage/videos

and I have 3 groups: G1 G2 G3

The user who owns the /storage home directory should have rwx permissions on everything within the folder except /storage/www and /storage/documents. On these folders the home owner will only have read permissions and people who belong in groups 1-3 will have rwx permissions.

I've attempted to do this via ACLs and setting the defaults for each directory. This sort of works but I fear that I may not be doing it correctly - when a user creates a file within one of these directories it then becomes read only to anyone else.

Running getfacl /storage/www for instance shows this "#effective r--" against each custom entry I've added.

I'm not certain, but I believe if a user has rwx permissions on a folder, he has those permissions for every subfolder also. Please correct me if I'm wrong. Also, folder permission limits subfolder permissions; see this link for more info: link. I'm no expert, and it's entirely possible I'm wrong, but this is just my understanding of the situation. Side note: why would you want to put files in a user's home directory that they can't access? Why not put them somewhere else?

shrimpandwalrus ( 2015-10-08 08:30:43 -0500 )
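
The "#effective r--" annotation from the question comes from the ACL mask: named-user, named-group and owning-group entries are ANDed with the mask, and a new file's mask is the inherited default mask limited by the group bits of the mode the creating program passes to open(). The following is an added example, not code from the original thread; the getfacl sample, the owner name "alice" and the file name are constructed assumptions.

```python
"""Compute POSIX ACL effective rights from getfacl-style text (added example)."""

# Constructed sample: a file created under /storage/www by a program using mode 0644.
SAMPLE_GETFACL = """\
# file: storage/www/index.html
# owner: alice
# group: alice
user::rw-
group::r-x
group:G1:rwx
group:G2:rwx
group:G3:rwx
mask::r--
other::r--
"""

def parse_acl(text):
    """Return (tag, qualifier, perms) tuples for the access ACL entries."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drops headers and '#effective:' notes
        if not line or line.startswith("default:"):
            continue
        tag, qualifier, perms = line.split(":", 2)
        entries.append((tag, qualifier, perms[:3]))
    return entries

def effective_rights(entries):
    """Apply the mask to the owning group, named groups and named users."""
    mask = next((p for t, _, p in entries if t == "mask"), None)
    result = {}
    for tag, qualifier, perms in entries:
        if tag == "mask":
            continue
        masked = tag == "group" or (tag == "user" and bool(qualifier))
        if mask is not None and masked:
            perms = "".join(c if c == m else "-" for c, m in zip(perms, mask))
        result[f"{tag}:{qualifier}"] = perms
    return result

def mask_after_create(default_mask, create_mode):
    """Mask of a new file: default mask limited by the group bits of create_mode."""
    bits = (create_mode >> 3) & 0o7
    return "".join(c if bits & b else "-" for c, b in zip(default_mask, (4, 2, 1)))

if __name__ == "__main__":
    for entry, perms in effective_rights(parse_acl(SAMPLE_GETFACL)).items():
        print(f"{entry:12} effective {perms}")
    print("mask for mode 0644:", mask_after_create("rwx", 0o644))
```

The owner entry (user::) and other:: are never masked, which is why only the custom group entries show reduced effective rights.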