I am in the process of setting up a server running the file server and mediawiki appliances, for use in a small research laboratory. I am somewhat familiar with users in linux, but am having trouble figuring out the best way to achieve the access control I desire.
The file server itself consists of the server (obviously) attached to rack-mounted external drives (essentially 4-drive units with hardware-RAID; appears as a single external dive when plugged into the server). These drives are mounted in /media
I want there to be three "types" of users, which I thought I could manage via groups. The three types would be:
1) "Computers"; essentially accounts which are used to "permenently" mount the drive on our lab computers. These accounts would have full read/write access to all folders/files on the external drives.
2) "Lab members"; essentially a personal account for each lab member. They would have read/write access to their accounts, but read-only access to the remainder of the drives.
3) "Collaberators"; people not in my lab who I need to share files with. They would have read/write access their account, no access to the remainder of the drive.
I've not been able to get this to work as desired; does anyone have advice on how to best implement this. AFAIK, the problem lies in how file permissions are usually implemented. Since there is no inheritance of permissions, if the "computer" account is used to access/create a file in a "lab member" directory, it remains property of the "computer" account.
Any help is appreciated.