Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
04-18-2017, 11:06 AM
|
#1
|
|
LQ Newbie
Registered: Apr 2017
Posts: 3
Rep: 
|
Linux File/Folder permissions
Hello Forum,
My question is a little offbeat and I'm unsure where it belongs so I'm hoping this forum is the right place to start.
I'm inquiring about file permissions with regards to a Windows computer accessing files on a Linux File Server. Our scenario is that we have .txt files saved on a Linux file share. The requirement for our users is to be able to rename the files but not change the contents of the .txt files. I know of no way to do this through permissions but I'm not an expert on Linux file permissions so I thought I would throw this question out to this group.
I did do some research on file permission settings:
Linux permissions dictate 3 things you may do with a file, read, write and execute. They are referred to in Linux by a single letter each.
r read - you may view the contents of the file.
w write - you may change the contents of the file.
x execute - you may execute or run the file if it is a program or script.
For every file we define 3 sets of people for whom we may specify permissions.
owner - a single person who owns the file. (typically the person who created the file but ownership may be granted to some one else by certain users)
group - every file belongs to a single group.
others - everyone else who is not in the group or the owner.
It doesn't apper to me to be a way to set the permission on a file to not change the contents BUT allow rename.
Any advice or pointers you can provide on where I can search further for an answer to my users request would be greatly appreciated.
Thank you.
|
|
|
|
|
04-18-2017, 11:52 AM
|
#2
|
|
Moderator
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,939
|
I do not believe you can attain this scenario. You are correct that you need to grant write access for the file to be able to change the name of it.
|
|
|
|
|
04-18-2017, 12:22 PM
|
#3
|
|
LQ Guru
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (15 current), Slack15, Ubuntu studio, MX Linux, FreeBSD 13.1, WIn10
Posts: 10,342
|
Quote:
|
I'm inquiring about file permissions with regards to a Windows computer accessing files on a Linux File Server. Our scenario is that we have .txt files saved on a Linux file share. The requirement for our users is to be able to rename the files but not change the contents of the .txt files. I know of no way to do this through permissions but I'm not an expert on Linux file permissions so I thought I would throw this question out to this group
|
One needs write permissions in Linux and I bet in Windows too just to change the file name , therefore the ability to open and change whatever is in it too is there.
read only will not allow this in either Windows or Linux -- so this permissions thing is pretty much cross platform is that respect.
the best you could do is only allow a group of people to do this, but still they'd even be able to changes its contents.
You'd have to make a back up of each file and store it where only someone that can be "trusted" can get at them. That way if someone does decided to go in and change its contents you (should) still have an original (copy).
Last edited by BW-userx; 04-18-2017 at 12:25 PM.
|
|
|
|
|
04-18-2017, 12:32 PM
|
#4
|
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Rep:
|
Nothing is really a secret on a Unix/Linux system, if you must keep something private you need to encrypt it, otherwise root or other users could know it.
|
|
|
|
|
04-18-2017, 12:45 PM
|
#5
|
|
LQ Addict
Registered: Dec 2013
Posts: 19,872
|
^ this is actually a good idea, because you could still rename the encrypted file.
another idea:
if each file is in a separate folder, and those folders are in a directory which allows (whoever) to write, then, i think, (whoever) could rename the folder, but still not change the file.
|
|
|
|
|
04-18-2017, 04:14 PM
|
#6
|
|
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 11,101
|
So far as I know, even when one is using ACLs (Access Control Lists), the Linux permissions model does not allow you to control "rename" separately. You must have write access to the file in order to rename it.
The Windows permission-model is not identical to that of Linux (nor of any other file-system that is external [to Windows]), so there might be a "mapping" from one to the other, but it is nevertheless the security-model of the host (in this case, "Linux"), which must in the end prevail.
|
|
|
|
|
04-18-2017, 04:43 PM
|
#7
|
|
Moderator
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,939
|
Quote:
Originally Posted by linux4evr5581
Nothing is really a secret on a Unix/Linux system, if you must keep something private you need to encrypt it, otherwise root or other users could know it.
|
Quote:
Originally Posted by ondoho
^ this is actually a good idea, because you could still rename the encrypted file.
|
There are variances, however mostly I've seen encrypted directories showing a file or files which have long names implying that they are encryption reference files or archives, and therefore the true filename is obscured by the encryption. As So while I do know there are options, personally I would not select any option which would encrypt files but still expose the name of those files freely. In fact, my preference would be that you couldn't tell how many files there were, or how much space they occupied. |
|
|
|
|
04-18-2017, 06:04 PM
|
#8
|
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Rep:
|
Quote:
Originally Posted by rtmistler
There are variances, however mostly I've seen encrypted directories showing a file or files which have long names implying that they are encryption reference files or archives, and therefore the true filename is obscured by the encryption. As So while I do know there are options, personally I would not select any option which would encrypt files but still expose the name of those files freely. In fact, my preference would be that you couldn't tell how many files there were, or how much space they occupied.
|
Not sure how one would go about doing that, maybe via some type of wrapper.. Id probably just scramble the text/name with ROT13 in addition to the encryption, but what you said would be way better. |
|
|
|
|
04-19-2017, 03:50 AM
|
#9
|
|
LQ Guru
Registered: Aug 2004
Location: Sydney
Distribution: Rocky 9.2
Posts: 18,426
|
Actually, you don't need 'w' on the file, you need 'w' on the dir; it involves changing file's metadata which is stored in inode (dir).
Code:
#Inside local tmp/ dir
ll
-r--r--r--. 1 chris chris 2907155 Apr 20 2016 1.jpg
mv 1.jpg 2.jpg
ll
-r--r--r--. 1 chris chris 2907155 Apr 20 2016 2.jpg
# move up one level - using tmp dir for testing
cd ..
chmod ug-w tmp
ll tmp
-r--r--r--. 1 chris chris 2907155 Apr 20 2016 2.jpg
mv tmp/2.jpg tmp/3.jpg
mv: cannot move `tmp/2.jpg' to `tmp/3.jpg': Permission denied
# ... and just to show adding perms back
chmod ug+w tmp
mv tmp/2.jpg tmp/3.jpg
ll tmp
-r--r--r--. 1 chris chris 2907155 Apr 20 2016 3.jpg
HTH  |
|
|
2 members found this post helpful.
|
All times are GMT -5. The time now is 08:37 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
