Hello,

I would like to know if it's possible to stop permissions inheritance?

I've a level-1 folder named "common", wherein all users can read/write.
Inside this folder, I've created a level-2 folder named "private" wherein members of "abc" group can enter/read/write.

I can build correctly this structure, but I'd like that members of "abc" are not able to rename "private" folder, and I don't succeed to do that!
I've tried many way, including ACL, but it doesn't work!
I'm not sure, but I think the problem is that members of "abc" group are member of "users" (member of child folder/group are member of parent folder/group)!

Do you know how can I do that?

Thanks for your help,
Chris

\common\private\

root@server:/# getfacl common
# file: common
# owner: root
# group: users
# flags: -s-
user::rwx
group::rwx
other::---

root@server:/common# getfacl private
# file: private
# owner: root
# group: abc
# flags: -s-
user::rwx
group::rwx
other::---

If you set the "sticky" bit on the "common" directory ("chmod +t common"), users will be able to delete or rename only the files that they own. That should suffice unless it proves too restrictive for the ordinary files there.

1 members found this post helpful.

Just remove the group permissions.