User Unable to delete files with ACL user:rwx on directory with sticky bit
I was wondering if it is possible to have two owners of a directory (the boss and manager). This is the hierarchy I am trying to accomplish:
Code:
harry (boss needs full control of directory)

I have the following setup inside the folder "company". Everything works great, except the boss can't delete files he does not want. The manager has to do it or the owner of the file. I tried using ACLs but the sticky bit seems to prevent the deletion by the boss (harry).
Code:
[root@server company]# getfacl sales
Can't be done. Without the stickybit anyone who can create a file in a directory will be able to delete a file in that directory, and with the stickybit Harry and the managers won't be able to delete files they don't own.
You're going to have to either trust Joe and Jazmin, or give them each their own private subdirectory to create their files in, and optionally come up with some sort of checkin/out mechanism if you want to be able to promote their files into any of the shared locations (such as sales/). Either way, you're going to have to stop using the stickybit if you want Harry to have full control.
Thanks for the info. I was under the impression that the ACL rule would allow harry to delete files in those directories but I tried it and it did not work. Harry just can't delete anything, but the managers work fine. They can remove any file at will because they are the owners of the directories, even with the sticky bit on. Since the ACL rule did not work, I was thinking perhaps of writing a two-line script and setting the SUID bit, giving harry permission to run it, so that he can become the manager when deleting files. What do you think?
Ahh, yes, you're quite right.
Quote:
In Linux you can't suid a script file, but you could do something with sudo to allow the boss-man to take ownership of any files.
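
Added example, not part of the thread: a shell model of the sticky-bit deletion rule the posts above arrive at. In a sticky directory only the file's owner, the directory's owner, or a privileged process may delete an entry, which is why an ACL entry granting harry rwx on the directory does not help. The helper names and uid 54321 are constructed for illustration, and the caller is assumed to already have write and search permission on the directory.

```shell
#!/bin/sh
# Model of the Linux sticky-bit rule applied to unlink/rename in a directory.
# Assumption: the caller already has write+search permission on the directory
# (for example through a user:harry:rwx ACL entry); that part is not checked.
# sticky_allows_delete and explain are hypothetical helper names.
# Requires GNU stat (Linux).

sticky_allows_delete() {
    uid=$1 dir=$2 file=$3
    # No sticky bit: directory write permission alone decides.
    [ -k "$dir" ] || return 0
    # uid 0 stands in for a process holding CAP_FOWNER.
    [ "$uid" -eq 0 ] && return 0
    file_owner=$(stat -c %u "$file") || return 2
    dir_owner=$(stat -c %u "$dir") || return 2
    # Sticky bit set: only the file owner or the directory owner passes.
    [ "$uid" -eq "$file_owner" ] && return 0
    [ "$uid" -eq "$dir_owner" ] && return 0
    return 1
}

explain() {
    if sticky_allows_delete "$1" "$2" "$3"; then
        echo "uid $1: delete of $3 permitted by the sticky rule"
    else
        echo "uid $1: delete of $3 refused (owns neither file nor directory)"
    fi
}

# Constructed demo: a sticky, world-writable scratch directory.
demo=$(mktemp -d)
chmod 1777 "$demo"
touch "$demo/report.txt"
explain "$(id -u)" "$demo" "$demo/report.txt"   # owner of file and directory
explain 54321 "$demo" "$demo/report.txt"        # constructed uid owning neither
rm -rf "$demo"
```
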