Skip to main content
Crusoe Support Help Center home page
Crusoe

How-To: Set Up Group Write Access for Crusoe Shared Disk Directories

Rishabh Sinha
Rishabh Sinha
Updated

Introduction

Users part of the same Unix group are unable to create or modify files in a directory on a virtiofs-mounted Crusoe Shared Disk, even though directory permissions are set to allow group write access (chmod 775). In this article how to allow Allow multiple users in the same group to write to a shared directory on a virtiofs-mounted shared disk.

Prerequisites

  • Crusoe Cloud: Storage Disks (type: shared-volume), VMs with virtiofs mount support
  • Linux Guest OS: Ubuntu 22.04
  • Filesystem: VirtioFS
  • Shared Disk: Mounted via mount -t virtiofs Ensure the shared disk is properly created and attached to your VM. Refer to mounting-shared-disks  for details.
  • Disk Access: Read-write by multiple VMs (multi-attach mode)

Step-by-Step Instructions

Step 1: Create a Shared Group and Users

sudo groupadd testgroup

Create two users and associate both with the shared group:

sudo useradd -m -G testgroup testuser
sudo useradd -m -G testgroup testuser2

Set passwords (if needed)

sudo passwd testuser
sudo passwd testuser2

Confirm group membership.

id testuser2
id testuser

Output:
uid=1002(testuser2) gid=1003(testuser2) groups=1003(testuser2),1001(testgroup)

 Set passwords (if needed)

sudo passwd testuser
sudo passwd testuser2

 

Step 2: Mount the Shared Disk

Create a mount point (if not already created):

sudo mkdir -p /mnt/test-shared

Mount the disk using virtiofs:

sudo mount -t virtiofs <shared-disk-name> /mnt/test-shared

Verify:

findmnt -t virtiofs

To mount Shared Disks persistently across VM reboots, add an entry to the /etc/fstab file. Ref: mounting-shared-disks 

 

Step 3:  Create a Shared Working Directory With Correct Permissions

sudo mkdir /mnt/test-shared/testuserdirectory

Change ownership to allow group collaboration:

sudo chown testuser:testgroup /mnt/test-shared/testuserdirectory

Set permissions to 2775 (includes setgid)

Why 2775? It ensures that any files created inside the folder inherit the group testgroup.

 

Step 4: Confirm Write Access for a Secondary Group Member

Switch to the second user:

sudo su - testuser2
cd /mnt/test-shared/testuserdirectory

Attempt to create a file:

touch testfile
ls -l testfile

The command should work without a permissions error, and the group should be testgroup.

 

Common Issues

  1. When you set up a folder so a group of users can work together, Linux checks which group user belongs to it every time they try to create or change something in that folder. Each user has a main group (called the primary group) and can also be part of other groups.  In the following case, both users were added to the same group meant for sharing the folder. But unless a user’s main group matches the group set on the folder, they are actually blocked from making changes, even if they’re listed as a member, and you will see “Permission denied.” 

    ubuntu@test-instance:~$ sudo su - testuser2
    $ cd /mnt/shared/testuserdirectory
    
    $ groups
    testuser2 testgroup
    
    $ touch testfile_as_testuser2
    touch: cannot touch 'testfile_as_testuser2': Permission denied
    
    $ id
    uid=1002(testuser2) gid=1003(testuser2) groups=1003(testuser2),1001(testgroup)

    Resolution:

    Run this command to see who owns the folder and which group is set:

    ls -ld /mnt/shared/testuserdirectory
    
    drwxrwxr-x. 2 testuser testgroup 4096 Jul 18 06:18 /mnt/shared/testuserdirectory

    In the above example, testuser is the owner and testgroup is the group.

    To see a specific user's primary group and other groups:

    id testuser2
    uid=1002(testuser2) gid=1003(testuser2) groups=1003(testuser2),1001(testgroup)

    The number and name after gid= show the user’s main (primary) group. In this example, the primary group is testuser2 (gid=1003), and the user is also a member of testgroup (group 1001), but only as a secondary group. If the directory’s group (from the ls -ld command) does not match the user’s gid=GROUPNAME, then the user's main group is different, and group write permissions might not work as expected. If the directory’s group and the user’s primary group are the same, the user will have group write access by default.

    If you find that the user's primary group is not the shared one, you can set it with:

    sudo usermod -g testgroup testuser2

    User needs to log out and log back in for the change to take effect. The user will be able to work in the folder with no errors, because their main group now matches what the folder expects.

Additional Resources

 

Related to

Was this article helpful?

0 out of 0 found this helpful

Still need help?

Our support team is ready to assist you with any questions.

Have more questions? Submit a request

Recently Viewed

Comments

0 comments

Article is closed for comments.