I have two groups, group staff
and one directory in which both groups may place files in. The employees group may only remove files from their own group but not from the staff group, while the staff group may remove files from both groups (their own and employees).
I've been trying to solve this the usual way, giving the directory to the employees group (all staff are also in the employees group), but the problem is that then employees can simply remove files owned by staff member from that dir. Otherwise, the dir belongs to the staff, the employees won't be able to create file withing that dir...
I don't speak fluent ACL
which I know would be perfect for this situation. I'd appreciate it a lot if someone could help