Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 03-15-2006, 05:33 PM   #1
Registered: Jun 2002
Location: Berlin / Germay
Distribution: gentoo linux, ubuntu
Posts: 40

Rep: Reputation: 17
Arrow extended user rights in multiple groups


I have two groups, group staff and employees and one directory in which both groups may place files in. The employees group may only remove files from their own group but not from the staff group, while the staff group may remove files from both groups (their own and employees).
I've been trying to solve this the usual way, giving the directory to the employees group (all staff are also in the employees group), but the problem is that then employees can simply remove files owned by staff member from that dir. Otherwise, the dir belongs to the staff, the employees won't be able to create file withing that dir...

I don't speak fluent ACL which I know would be perfect for this situation. I'd appreciate it a lot if someone could help me out.
Old 03-15-2006, 08:15 PM   #2
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 680Reputation: 680Reputation: 680Reputation: 680Reputation: 680Reputation: 680
If you only want the owner of a file to be able to delete a file, then you could set the sticky bit on the directory containing the file.

Otherwise, how you do it may depend on whether you are wanting acl support for a samba share, or if these are users of the server itself.
Also, whether the kernel has acl support and what filesystem is used for the partition. There is a Samba-XFS ACL howto on the web. Also, the Samba 3 documentation may contain more recent information.

SELinux also offers more granualarity in controlling types of access.
Some of these options may need preplanning however. If you use reiserfs in SuSE, an ACL reiserfs option is selected by default during the installation. It is possible in your case that a reformatting of the filesystem, and maybe even recompiling your kernel may be needed.

( Oh, by the way, Happy Birthday! Mine was just last week. )

Last edited by jschiwal; 03-15-2006 at 08:25 PM.
Old 03-15-2006, 08:22 PM   #3
Registered: Jun 2002
Location: Berlin / Germay
Distribution: gentoo linux, ubuntu
Posts: 40

Original Poster
Rep: Reputation: 17
no, I do not want only the OWNER, but a whole specific (staff) group to delete file(s) ..


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
multiple groups permissions steve007 Linux - Newbie 2 07-01-2005 12:24 PM
Multiple Group Rights to One Directory JWatson Linux - Security 4 12-31-2004 01:13 PM
Giving Kppp rights to other users n groups xxx_anuj_xxx Linux - Security 5 12-22-2004 06:12 PM
Squid proxy with user authentication and user rights duvanhorn Linux - Networking 0 08-07-2003 03:40 AM
groups and file rights tstuhr Linux - Networking 1 10-05-2001 01:06 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:49 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration