prevent directories from being renamed
Hello,
Ill ask my question first and explain it more below.. I have a folder with 5 files in it. The folder is called testfolder. What I want to ensure is that, even though users have access to the folder they cannot rename it. But they can still go into the testfolder, and rename and modify the files inside it. All I want is just to make sure the folder cannot be renamed without taking away their access to the contents inside. Is there a way to do this? The users trying to rename of course wont be root. Is there a chown or chmod setup to do this? I dont want them to lose their access to the folder's contents. I just dont want the folder renamed. Please help me :) Thanks! -Chibi |
well, I can give you a limited solution, but it disables also renaming and creating of new files.. /:
Code:
chattr +i testdir Quote:
Modifying the files under the dir worked when I tried it, but not much else.. /: edit: just figured why it doesnt work as its supposed to. Seems like the i parameter cannot be used on directories, so it applies it to the files also or sumthing.. d: |
I've never seen that command before.
The reason I need this is, I dont want to give some people access to the box, but I have setup a page made in php that detects certain directories to change their options.. but if they rename the directories the script goes to crap :P and i cant just, tell them not to rename because these arent close friends, they are practical strangers im helping out :) Thanks. |
Did quite a heap of testing and came up with a solution:
If you create a dir with the chmod +t set, and another dir under that with +t also, but also chmod 777, the second dir cannot be moved, but stuff under it functions normally to the ones owning them. MAke any sense? (; example: Code:
mkdir -p foodir/testdir |
Ah great job :) Didnt know about the +t either x_x.
Yeah leaving the above directory completely vulnerable is not a good idea :\ . But that directory would probably be empty besides the protected folder(s).. so maybe it might be okay. Could someone -r delete foodir and thus testfir inside? 777 means ugo all have rwx right? Thanks for the continued help :) |
Don't worry about using the sticky bit (chmod +t), making any dir that you don't want to let anyone edit chmod 777 is not a good idea. All you need to do is make the directory (folder) that testfolder is located in, say "above", not writable by those that you don't want to write to it. Like this:
||| above --> this is not writable - chmod 755 - owned by root ||| ||| -- testfolder --> this is writable - chmod 777 - owned by anybody you like, even root |||||| |||||| -- user_dirs_&_files This way, users wont be able to edit anything, including the name of dirs, in the "above" dir, but will be able to create & edit in "testfolder". |
lol.. why didnt I think of that.. alot easier indeed. Guess I just missed the obvious, sorry for that.. (:
If you want so that the lowest folder can contain files by many users but they can only edit files they own themselves (while still preserving the chmod 777), then use the stickbit for the dir, but otherwise it goes un-needed with the above structure. |
Ah, thanks both of you. I am definately going to give it a try later today.
I am grateful for the help :) -Chibi |
All times are GMT -5. The time now is 06:23 PM. |