Complete user shared folder R+W condivision

Discussion in 'macOS Sierra (10.12)' started by braunfish, Dec 7, 2016.

  1. braunfish macrumors newbie

    Joined:
    Dec 7, 2016
    #1
    Hi,



    me and my wife use the same mbpro with 2 different user accounts, both administrators.

    We have our own private folder, but we use users->share folder for file and folders we want to share and we both want to work on.

    The problem is that we have to set up permission every time on every file we both want to be able to edit.

    Is there a way to set up the share folder, so that every new file or folder is automatically readable and writeable from both the administrators?



    thank you
     
  2. KALLT, Dec 7, 2016
    Last edited: Dec 7, 2016

    KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #2
    There are two options.

    (1) You can add special write permissions for the ‘staff’ group to which both user accounts should belong. This is placed in an access-control list of /Users/Shared that will apply this permission to every file or directory that you add to it.
    Code:
    sudo chmod +a "group:staff allow add_file,add_subdirectory,delete_child,writeattr,writeextattr,writesecurity,chown,file_inherit,directory_inherit" /Users/Shared
    It won’t apply this retroactively to all existing files, so you should copy (not move) them out of the directory and back in. However, I suggest you move all of your files into a sub-directory of /Users/Shared (e.g. /Users/Shared/Shared). Some applications have the annoying habit of placing files there, which you probably don’t want to expose to this access-control list. You should change the command accordingly to apply it to that sub-directory:
    Code:
    sudo chmod +a "group:staff allow add_file,add_subdirectory,delete_child,writeattr,writeextattr,writesecurity,chown,file_inherit,directory_inherit" /Users/Shared/Shared
    (2) You create a separate partition on the Macintosh HD disk and use it as shared space. You can mount partitions with ‘ignore ownership’, which will ignore the true permissions of the files/folders. You can encrypt that drive of course and it will be mounted automatically when you log in.

    Edit: I revised my answer to provide a better solution.
     
  3. braunfish thread starter macrumors newbie

    Joined:
    Dec 7, 2016
    #3
    Thank you kallt

    It seems to works perfectly
    Bye
     
  4. hanser macrumors regular

    Joined:
    Aug 29, 2013
  5. braunfish thread starter macrumors newbie

    Joined:
    Dec 7, 2016
  6. hanser macrumors regular

    Joined:
    Aug 29, 2013
    #6
  7. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #7
    @hanser, I generally do not use this option, not for such specific purposes at least. Changing the ‘umask’ means that every file or folder you create, will have its permissions set to that mask. By default, files and folders are only writable by the user who owns them, group and ‘everyone’ permissions are read-only.

    If you do share the computer with other people and would like to allow each other to access and change each other’s files regardless where they are, then you could give the ‘staff’ group write permissions by default. ’staff’ is the primary group of every user account, all files or folders you create will have the group set to ’staff’ (unless overridden by something else). However, this means that every future account will have the same access and any malware that affects one user could also compromise your own files. Moreover, since this applies to every file you create, it will also apply to data that is stored in the user library.
     

Share This Page