greetings;

centos 6

I command this chmod o+rwx /folder. From my xp I can access \\server\folder, create and delete into this file.

But how to provide permission where he can create/edit a file BUT RESTRICTED TO DELETE A FILE.
In windows this can be done in advnce security how about in linux?

Any ideas guys...pls help..

seems you are referening here a stick bit permission, use chmod 1777 /folder


else you need to play with acl's and selinux policy to prevent this.

Hello, Thanks for the reply. I've search and command this:

setfacl -m u:linix:rwx /folder

But doesn't solved my problem. I want read,write, execute BUT RESTRICT TO DELETE A FILE.

can anyone help me...tnx in advance

You may be able to do it via Samba cfg, but in *nix, creating/deleting a file is a write operation on the dir inode, not the file.
I don't think *nix perms or even ACLs is going to do it.
Sticky bit only prevents others from deleting a file you create; it can't stop you deleting a file you created.

Now, I get it..sticky bit prevents others from deleting your files except the owner/creator.

By the way, your referring samba cfg, what exactly do i need to look for? coz i dont see *cfg in /etc/samba. Can you just give me tips to start with.

thnx..

So doesn't that mean that setting write restrictions on the directory does exactly that? Enable to write the file, but not to delete it. I recall that I had this problems (in conjunction with Samba) where I could not delete files.

jlinkels

You need write access on the dir to create file (in that dir) and also to delete one; they both count as write ops on the dir inode/file itself. There's no delete perm in *nix, unlike eg OpenVMS.
I think(?) you can get what you want if you go via a Samba/cifs cxn; check the Samba docs.

have you tried to set chattr on files ?


setting +a (append only attributes to files can helps you to append the data but not to delete or rename file)

but still only root can set these attributes .


lsattr /path/to/file #to show the extended attributes

chattr +a /path/to/file #TO change


Thanks,
em31amit
Amit m.

This are what i command:

note: centos is joined in win2003

1. chmod 1070 /folder
2. under my samba..
directory mask = 0770
create mask = 0770


drwxr-xr-x. 2 nixuser domain users 4096 May 10 16:24 nix1 (folder nix1 created in centos)
drwxrwx---. 2 xpuser domain users 4096 May 10 16:29 win1 (folder win1 created in windows)

base on the problem i raise, the sticky bit answered my question only owners can create/delete their own file..done

the issue right now is creating/editing between folders..

Maybe this is a good start for me...I really dont know if im going the right way

If Samba won't do it, you may have to resort to dir monitoring eg dnotify/fam and call a script to move the completed file to another area where the dir perms are r-x only.
Alternately, use a code ctrl system eg cvs, subversion etc.