protect my files & directories to delete ?

rabir · 12-05-2011, 08:05 PM

Dear Everyone

i fell some critical thinking when setting permission for my files & directories on share zone(samba,ftp). i try to set their permission in such a way that a registered user can read & write but couldn't delete a file.

Thnaks in advance.
sorry for my bad english.

please help

corp769 · 12-05-2011, 08:11 PM

Deleted due to confusion.

rabir · 12-05-2011, 10:42 PM

Dear all

greetings.

i set permission on FTP files & directories as 644 & 755. but some users can delete the files inside in. how could i make my files non-deletable ?

thanks in advance for replies

corp769 · 12-05-2011, 10:48 PM

Deleted.

rabir · 12-06-2011, 12:12 AM

thanks for response

my samba share configuration here
/*
[samba]
comment=public stuff
path=/samba
public=yes
create mask=0664
directory mask=0775
writable=yes

*/

now i try to protect my files to delete.
in my exixting configuration it is available to create & access.

Reuti · 12-06-2011, 04:51 AM

The thread started with FTP, not Samba. Are you now trying to configure an FTP server or Samba?

Reuti · 12-06-2011, 05:00 AM

If you grant write access to a file, it could also be emptied. Is this what you want? Usually it’s set up by disallowing a write to the directory itself (but then they also couldn’t create a file).

mesuutt · 12-06-2011, 05:59 AM

I hope sticky bit solve your problem .
If you add sticky bit to parent directory of files, anyone can't remove files in directory.Only file's owner can remove files

Code:

chmod +t <parent directory of your files>

See : http://en.wikipedia.org/wiki/Sticky_bit

corp769 · 12-06-2011, 06:17 AM

Deleted. Sorry for any inconveniences.....

deep27ak · 12-06-2011, 06:54 AM

I hope you know about sticky bit

You can use this

Code:

#chmod 1664 /path/to/share
or
#chmod -R 1664 /path/to/share

change the permission as per your requirements and "1" represents sticky bit

check this link for more information on sticky bit

http://www.linuxquestions.org/questi...d-sgid-258719/

deep27ak · 12-06-2011, 06:56 AM

Quote:

Originally Posted by rabir

Dear Everyone

i fell some critical thinking when setting permission for my files & directories on share zone(samba,ftp). i try to set their permission in such a way that a registered user can read & write but couldn't delete a file.

Thnaks in advance.
sorry for my bad english.

please help

you have asked same type of question in two threads....?

http://www.linuxquestions.org/questi...delete-917320/

corp769 · 12-06-2011, 07:00 AM

Ahh, that's why I referred to samba in that other one originally. I wasn't crazy after all! Thanks for pointing that out. Reporting this thread to be closed, since this thread is newer.

deep27ak · 12-06-2011, 07:16 AM

Quote:

Originally Posted by corp769

Ahh, that's why I referred to samba in that other one originally. I wasn't crazy after all! Thanks for pointing that out. Reporting this thread to be closed, since this thread is newer.

Well if you are closing that thread then I will repost my answer in this thread

Quote:

Originally Posted by rabir

Dear Everyone

i fell some critical thinking when setting permission for my files & directories on share zone(samba,ftp). i try to set their permission in such a way that a registered user can read & write but couldn't delete a file.

Thnaks in advance.
sorry for my bad english.

please help

I hope you know about sticky bit

You can use this

Code:

#chmod 1664 /path/to/share
or
#chmod -R 1664 /path/to/share

change the permission as per your requirements and "1" represents sticky bit

check this link for more information on sticky bit

http://www.linuxquestions.org/questi...d-sgid-258719/

corp769 · 12-06-2011, 07:17 AM

+1 to the sticky bit.

And sorry for any confusion before within my posts. I deleted them because nothing seemed right after reading them.

EricTRA · 12-06-2011, 07:30 AM

Hello,

You could also check out chattr. The advantage is that whatever attributes you change will not show with an ordinary ls, you'll need lsattr. And only root can change the attributes if you need to change them again.

Quote:

DESCRIPTION
chattr changes the file attributes on a Linux file system.

The format of a symbolic mode is +-=[acdeijstuADST].

The operator `+' causes the selected attributes to be added to the existing attributes of the files; `-' causes them to be removed; and `=' causes them to
be the only attributes that the files have.

The letters `acdeijstuADST' select the new attributes for the files: append only (a), compressed (c), no dump (d), extent format (e), immutable (i), data
journalling (j), secure deletion (s), no tail-merging (t), undeletable (u), no atime updates (A), synchronous directory updates (D), synchronous updates
(S), and top of directory hierarchy (T).

The following attributes are read-only, and may be listed by lsattr(1) but not modified by chattr: huge file (h), compression error (E), indexed directory
(I), compression raw access (X), and compressed dirty file (Z).

Kind regards,

Eric