LinuxQuestions.org


keex 03-15-2006 05:33 PM

extended user rights in multiple groups
 
hello,

I have two groups, group staff and employees and one directory in which both groups may place files in. The employees group may only remove files from their own group but not from the staff group, while the staff group may remove files from both groups (their own and employees).
I've been trying to solve this the usual way, giving the directory to the employees group (all staff are also in the employees group), but the problem is that then employees can simply remove files owned by staff members from that dir. Otherwise, the dir belongs to the staff, the employees won't be able to create files within that dir...

I don't speak fluent ACL :) which I know would be perfect for this situation. I'd appreciate it a lot if someone could help me out.

jschiwal 03-15-2006 08:15 PM

If you only want the owner of a file to be able to delete a file, then you could set the sticky bit on the directory containing the file.

Otherwise, how you do it may depend on whether you are wanting acl support for a samba share, or if these are users of the server itself.
Also, whether the kernel has acl support and what filesystem is used for the partition. There is a Samba-XFS ACL howto on the web. Also, the Samba 3 documentation may contain more recent information.

SELinux also offers more granularity in controlling types of access.
Some of these options may need preplanning however. If you use reiserfs in SuSE, an ACL reiserfs option is selected by default during the installation. It is possible in your case that a reformatting of the filesystem, and maybe even recompiling your kernel may be needed.

( Oh, by the way, Happy Birthday! Mine was just last week. )

keex 03-15-2006 08:22 PM

no, I do not want only the OWNER, but a whole specific (staff) group to delete file(s) ..
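
Added example, not part of any post in this thread: a Python model of the classic mode-bit rule for deleting a file from a directory (no ACLs, no SELinux), run against the two-group setup described above. The UIDs, GIDs, and the names alice and bob are constructed for illustration.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    uid: int
    groups: frozenset

@dataclass(frozen=True)
class Node:
    uid: int   # owner
    gid: int   # owning group
    mode: int  # permission bits, e.g. 0o1770

def _class_bits(user, node):
    """Return the rwx triplet that applies: owner first, then group, then other."""
    if user.uid == node.uid:
        return (node.mode >> 6) & 7
    if node.gid in user.groups:
        return (node.mode >> 3) & 7
    return node.mode & 7

def may_unlink(user, directory, target):
    """Mode-bit check for deleting target from directory. The file's own mode is irrelevant."""
    if user.uid == 0:                          # simplification: root bypasses both checks
        return True
    if _class_bits(user, directory) & 3 != 3:  # need write (2) + search (1) on the directory
        return False
    if directory.mode & stat.S_ISVTX:          # sticky: only file owner or directory owner
        return user.uid in (target.uid, directory.uid)
    return True

# Constructed IDs for the thread's scenario (all values are assumptions).
STAFF, EMPLOYEES = 100, 200
alice = User(uid=1001, groups=frozenset({STAFF, EMPLOYEES}))  # staff member
bob = User(uid=1002, groups=frozenset({EMPLOYEES}))           # employee only
alice_file = Node(uid=1001, gid=STAFF, mode=0o664)
bob_file = Node(uid=1002, gid=EMPLOYEES, mode=0o664)

plain = Node(uid=0, gid=EMPLOYEES, mode=0o0770)     # group-writable, no sticky bit
sticky = Node(uid=0, gid=EMPLOYEES, mode=0o1770)    # same, with the sticky bit
owned = Node(uid=1001, gid=EMPLOYEES, mode=0o1770)  # sticky, owned by one staff account

def scenario(directory):
    """(bob deletes alice's file, alice deletes bob's file, bob deletes his own file)"""
    return (may_unlink(bob, directory, alice_file),
            may_unlink(alice, directory, bob_file),
            may_unlink(bob, directory, bob_file))
```

With the sticky bit set, staff members can no longer delete employees' files unless a single staff account owns the directory, so mode bits alone do not give a whole group delete rights over another group's files.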

