LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-19-2013, 09:21 AM   #1
boby.kumar
Member
 
Registered: Mar 2013
Posts: 92

Rep: Reputation: Disabled
how i can change file permissions to read,write and modify but not to delete in linux


Hi Team
I am working as a sytem adminstrator and need some suggestion from your side. I want to change file and directory permission to read,write and modify but not to delete them by the user in linux.
All the users logged in to samba server by rncit and i have to restrict them not to delete any file or directory.
I have shared the following Path:/home/rncit in samba server.
please do the needful as it is urgent.

regards
Boby
 
Old 03-19-2013, 09:24 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974Reputation: 1974
writing IS deleting. If you can replace the entire contents of the file, what benefit is it to not be able to delete it?
 
Old 03-19-2013, 09:26 AM   #3
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,274

Rep: Reputation: 148Reputation: 148
Try sticky bit
http://www.thegeekstuff.com/2011/02/...irectory-file/
 
Old 03-19-2013, 09:42 AM   #4
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
According to the situation you have given, it points towards sticky bit. But remember, sticky bit is applicable for directories only, not useful on files. However, after applying sticky bit on a directory, the content within the directory can be deleted by file owner, directory owner or root only. After that, you can assign all read/write/execute permission to all.

Code:
~$ mkdir mydir
~$ mv file1 file2 file3... mydir
~$ chmod -R a+rwx  mydir
Then apply sticky bit, as:
Code:
~$ chmod a+t mydir

Last edited by shivaa; 03-19-2013 at 09:44 AM.
 
Old 03-19-2013, 10:13 AM   #5
allend
Senior Member
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 4,516

Rep: Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396Reputation: 1396
One other thought would be to use inotifywait to watch for file a being closed, and then immediately copy that file appending a time stamp to a directory that the users cannot access. If a file was subsequently deleted, you would still have a copy of the original.
 
Old 03-20-2013, 12:11 AM   #6
boby.kumar
Member
 
Registered: Mar 2013
Posts: 92

Original Poster
Rep: Reputation: Disabled
thanks a lot.
I got the point but sticky bit allow only the file owner to read,write and delete but I have around 500 users to access the samba server.
please suggest me how i can manage it by group id or userid, i am using 6.2 linux version for samba.
can i need to create individuals userid for the same?

Regards
Boby
 
Old 03-20-2013, 12:19 AM   #7
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
@Boby:
If you do not wish to allow everyone to have read/write, then create a new group, add it as main group for the directory as well as files. And then add only those users to that group whom you wish to allow read/write permissions.

Code:
~$ groupadd <groupname>
~$ chgrp -R <groupname> <directoryname>
~$ chmod -R 770 <directoryname>
~$ chmod g+s <directoryname>
 
Old 03-20-2013, 01:43 AM   #8
linosaurusroot
Member
 
Registered: Oct 2012
Distribution: OpenSuSE,RHEL,Fedora,OpenBSD
Posts: 981
Blog Entries: 2

Rep: Reputation: 235Reputation: 235Reputation: 235
Quote:
Originally Posted by acid_kewpie View Post
writing IS deleting. If you can replace the entire contents of the file, what benefit is it to not be able to delete it?
Except for an append-only write for instance after
Code:
chattr +a filename
 
Old 03-20-2013, 08:58 AM   #9
boby.kumar
Member
 
Registered: Mar 2013
Posts: 92

Original Poster
Rep: Reputation: Disabled
thanks a lot for the same.
Please take out the steps that how i can add users in the same group and the only group permissions will be inhert by the users?
Actually I have to Create 3 groups as DII&V,E2E and OAM and want to read,write and delete permissions for these groups.
please do the needful.

Regards
Boby
 
Old 03-20-2013, 09:29 AM   #10
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
Why you want to create 3 groups? Just one group is enough to protect whole directory data.

To add a new group (see manual of groupadd),
Code:
~$ groupadd <groupname>
Then add allowed users into this group (see manual of usermod),
Code:
~$ usermod -G <groupname> <username>
Change group of the directory recursively (see manual of chgrp),
Code:
~$ chgrp -R <groupname> /path/to/directory
Add SGID on the directory (see manual of chmod),
Code:
~$ chmod g+s <directoryname>
However, these are very basic commands, and as a system admin you should know them very well. If you would have even checked the manuals of these command, you didn't need to ask for it.

Last edited by shivaa; 03-20-2013 at 09:32 AM. Reason: Links added
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Change Permissions Write/Read to Ipod nano 2nd Folders Alchemikos Linux - Newbie 1 07-24-2012 11:32 AM
[SOLVED] [bash] read file, modify, write - possible without tmpfile? hashbang#! Programming 2 02-11-2010 05:27 AM
change read/write permissions for USB hubs -- have I done it? redfoxbluefox Linux - Newbie 0 06-16-2009 05:28 PM
How do I change read/write permissions for a whole directory? Stevetgn Linux - Newbie 8 12-31-2003 07:41 AM
Change from Read only to Read Write File System? justiceisblind Linux - Newbie 3 03-03-2002 07:23 PM


All times are GMT -5. The time now is 12:28 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration