LinuxQuestions.org
Old 03-19-2008, 10:08 AM   #1
alexandrusa
LQ Newbie
 
Registered: Jan 2008
Location: Frankfurt am Main, Germany
Distribution: Debian 4.0, Windows 2003 Server
Posts: 12

Rep: Reputation: 1
sticky bit: how to protect directories but not files inside


Hi,

I'm trying to protect a directory tree but not the files inside. For that I put a sticky bit on each directory and chowned them to root. But that also makes the files within the dirs become sticky (only the owner can delete them), which is not my intention. I want to prevent alterations to the directory tree but grant unlimited permissions to all users for the files within (on all depths).

Is it possible to achieve that behavior using the file permissions, or do I have to use some trick or script?

The files are only accessed through Samba, so a Samba-side solution would be also helpful.

An idea:
I have now put in each directory an empty directory named ".placeholder" and chowned it to root, which seems to achieve what I want, but I'm not really satisfied with that solution. It prevents deletion of the dirs but it is still possible to rename and to move them.

Thanks
Alex

Last edited by alexandrusa; 03-19-2008 at 10:34 AM.
 
Old 03-19-2008, 10:43 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Is this a copy of http://www.linuxquestions.org/questi...elete-623054/? If not, could you explain *why* you need to protect the dirs and not the files within?
 
Old 03-19-2008, 11:38 AM   #3
alexandrusa
LQ Newbie
 
Registered: Jan 2008
Location: Frankfurt am Main, Germany
Distribution: Debian 4.0, Windows 2003 Server
Posts: 12

Original Poster
Rep: Reputation: 1
Not exactly. I thought the sticky bit would solve my problem but as I realized just now it doesn't (I didn't try changing to another user, I just was happy that I couldn't move or delete the dirs). I figured a new thread would be more effective since a replier would not be forced to read the entire thread and I could better emphasize my exact problem now.

Explanation of my problem / intention:

I have a predefined directory tree for every project, that is automatically created by a script in root-mode, for example:

Code:
project_root
+001_project1
 +01_subdir1
   +01_subsubdir1
   +02_subsubdir2
 +02_subdir2
+002_project2
 +01_subdir1
   +01_subsubdir1
   +02_subsubdir2
 +02_subdir2
I would like to preserve that tree, but also allow all users to create, delete and move files and new directories on all depths.

The main reason for that is that in Windows Explorer you can accidentally move an entire directory by dragging. This happened often before.
 
Old 03-19-2008, 09:30 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by alexandrusa View Post
I figured a new thread would be more effective since a replier would not be forced to read the entire thread and I could better emphasize my exact problem now.
If one can see answer history duplicate answers are less likely to happen (..). It's a trade-off.


Quote:
Originally Posted by alexandrusa View Post
I would like to preserve that tree, but also allow all users to create, delete and move files and new directories on all depths. The main reason for that is that in Windows Explorer you can accidentally move an entire directory by dragging. This happened often before.
*Sigh* Wetware problems. Look through a few random HOWTO's to see if EA/ACL (http://acl.bestbits.at/) is your thing: http://en.opensuse.org/How_to_share_...sers_using_ACL, http://www.vanemery.com/Linux/ACL/linux-acl.html, http://www.bluelightning.org/linux/samba_acl_howto/. I'm sure you can find some more elaborate and recent ones yourself.
 
Old 03-20-2008, 01:37 AM   #5
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
If you set up the directory to share like:
/srv/samba/ProjectRoot/
and all these directories are created by root in the manner you said, they will be protected from deletion. I tried it out myself and tested it.

Code:
[wildswede]
        path = /srv/samba
        guest ok = Yes
        read only = No
Code:
ls -lR /srv/samba
/srv/samba:
total 20
drwxr-xr-x 2 nobody   nobody   4096 Feb 21 02:07 New Folder
-rwxr----- 1 nobody   nobody     63 Feb 21 02:23 filebyjimbo_1.txt
-rwxr--r-- 1 nobody   nobody     63 Feb 21 02:26 filebyjimbo_2.txt
drwxrwxrwt 4 root     root     4096 Feb 22 10:56 share
-rw------- 1 jschiwal jschiwal    0 Feb 21 02:09 textfile

/srv/samba/New Folder:
total 4
-rwxr--r-- 1 nobody nobody 111 Feb 21 02:07 HTML File

/srv/samba/share:
total 8
drwxrwxrwt 6 root root 4096 Feb 22 10:56 subdir1
drwxrwxrwt 6 root root 4096 Feb 22 11:24 subdir2

/srv/samba/share/subdir1:
total 16
drwxrwxrwt 2 root root 4096 Feb 22 10:56 subsubdir1
drwxrwxrwt 2 root root 4096 Feb 22 10:56 subsubdir2
drwxrwxrwt 2 root root 4096 Feb 22 10:56 subsubdir3
drwxrwxrwt 2 root root 4096 Feb 22 10:56 subsubdir4
I was unable to delete or move the subdirectories.
Note how none of the parent directories are owned by a non-root user.

If you remove the sticky bit from the directories then the directories can be deleted even though they are all owned by root. A user creating a file is responsible for protecting a file from being edited or overwritten by changing the permissions.

I would second the idea of reading the manpages for getfacl, setfacl, lsattr & chattr. I even installed the source for the "coreutils" package so that I could run "configure && make pdf" which generated nice looking documentation on most of the programs in /bin/ and /usr/bin/. The documentation for gawk is excellent.

---

I would also recommend mounting samba shares as cifs filesystems rather than browsing when you are using Linux to Linux samba filesharing. You will be able to use tools like setfacl in the shell. I don't know if any graphical file browser will support this level of file permissions/ownership/acl controls on a samba share.

Good Luck! It would be a good idea to play strictly by the rules on any forum site. Remember the Golden Rule. "The dude with the gold makes all the rules!"

Last edited by jschiwal; 03-20-2008 at 02:32 AM.
 
Old 03-20-2008, 09:17 AM   #6
alexandrusa
LQ Newbie
 
Registered: Jan 2008
Location: Frankfurt am Main, Germany
Distribution: Debian 4.0, Windows 2003 Server
Posts: 12

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by jschiwal View Post
I was unable to delete or move the subdirectories.
Note how none of the parent directories are owned by a non-root user.

If you remove the sticky bit from the directories then the directories can be deleted even though they are all owned by root. A user creating a file is responsible for protecting a file from being edited or overwritten by changing the permissions.
Hi jschiwal, thanks for your input.

I already figured what you are writing, my problem is that I want the files to be non-sticky. But even when I set them to 0777 they still are sticky if the parent directory is:

Code:
drwxrwx--T  3 root   mygroup   80 2008-03-20 14:28 .
drwxrwx--- 26 user_a mygroup 1.3K 2008-03-20 14:21 ..
drwxrwx--T  2 root   mygroup   88 2008-03-20 14:29 thisdirissticky
# sudo -u user_a mv thisdirissticky thisdirissticky_
mv: cannot move `thisdirissticky' to `thisdirissticky_': Operation not permitted
# sudo -u user_b mv thisdirissticky thisdirissticky_
mv: cannot move `thisdirissticky' to `thisdirissticky_': Operation not permitted
very good so far

Code:
drwxrwx--T 2 root   mygroup 88 2008-03-20 14:29 .
drwxrwx--T 3 root   mygroup 80 2008-03-20 14:28 ..
-rwxrwx--- 1 user_a mygroup  0 2008-03-20 14:14 thisfileidontwantsticky
# sudo -u user_a mv thisfileidontwantsticky thisfileidontwantsticky_
still good, but:

Code:
# sudo -u user_b mv thisfileidontwantsticky_ thisfileidontwantsticky
mv: cannot move `thisfileidontwantsticky_' to `thisfileidontwantsticky': Operation not permitted
I want that to be possible. Every user should have unlimited access to all files within the structure, including move and delete permissions. I am desperately looking for a way to do that.

Regarding ACLs: I read a bit on them (never heard about them before). I'm not sure this is what I am looking for and foremost I can't test them so easily because I'm using ReiserFS, so I would have to patch my kernel, which I've never done before.

Isn't there a trick or a (samba-)tweak that could help me?
 
Old 03-20-2008, 08:28 PM   #7
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682
The reiserfs may support user acls. I think it depends on the options used when the filesystem was formatted.
You may need to install the acl package if you don't have it.

To both protect the subdirectories and allow full access to files by all users,
you might try "force user = nobody" and "force group = nogroup" options together
with the sticky bit on the directories.

This will need to be tested however. If all the users are forced to be the same, they
may be able to delete any file because they were created by the same user.
 
Old 03-27-2008, 07:54 AM   #8
alexandrusa
LQ Newbie
 
Registered: Jan 2008
Location: Frankfurt am Main, Germany
Distribution: Debian 4.0, Windows 2003 Server
Posts: 12

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by jschiwal View Post
The reiserfs may support user acls. I think it depends on the options used when the filesystem was formatted.
You may need to install the acl package if you don't have it.
I've tried it, without luck.

Quote:
Originally Posted by jschiwal View Post
To both protect the subdirectories and allow full access to files by all users,
you might try "force user = nobody" and "force group = nogroup" options together with the sticky bit on the directories.
The "force user" variable is a good call. It actually works if all files are owned by the user specified in "force user" and the protected directories by someone else.

But I also experienced a strange behavior with directories using the sticky bit. While I was unable to move and delete directories (owned by root, with sticky bit) with at least one sub-directory (owned by root, with sticky bit), with exactly the same configuration, I am now as long as the parent dir is not sticky. This applies to samba- and bash-side. Could this be a bug?
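
Added example, not part of any poster's message: on Linux, renaming or deleting an entry is decided by the sticky bit and owner of its parent directory, not by the entry's own mode or sticky bit. The shell functions below (hypothetical names `audit_skeleton` and `stuck_files`; GNU find and stat assumed, numeric uids used) list skeleton directories that writers could still remove, and files that the "force user" account from post #7 could not move.

```shell
#!/bin/sh
# Added example (not from the thread). Rule: with a sticky parent directory,
# only the entry's owner, the parent's owner or root may rename or delete an
# entry; the entry's own mode (even 0777) plays no part.
#
# usage: audit_skeleton /srv/samba/ProjectRoot
#        stuck_files /srv/samba/ProjectRoot "$(id -u nobody)"

# audit_skeleton ROOT [OWNER_UID]
# Lists skeleton directories (owned by OWNER_UID, default 0 = root) below ROOT
# that someone with write access to the parent could still rename or delete.
# Returns 1 if any are found, 0 otherwise.
audit_skeleton() {
    root=$1
    owner=${2:-0}
    findings=$(
        find "$root" -mindepth 1 -type d -user "$owner" | sort |
        while IFS= read -r dir; do
            parent=${dir%/*}
            if [ ! -k "$parent" ]; then
                echo "parent not sticky: $dir"
            elif [ "$(stat -c %u "$parent")" != "$owner" ]; then
                echo "parent owned by uid $(stat -c %u "$parent"): $dir"
            fi
        done
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# stuck_files ROOT SHARE_UID
# Lists files that SHARE_UID (the account "force user" maps everyone to)
# cannot move or delete: the parent is sticky and SHARE_UID owns neither
# the file nor the parent.
stuck_files() {
    find "$1" -type f ! -user "$2" | sort |
    while IFS= read -r f; do
        p=${f%/*}
        if [ -k "$p" ] && [ "$(stat -c %u "$p")" != "$2" ]; then
            echo "$f"
        fi
    done
}
```
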
 
Old 03-27-2008, 10:35 AM   #9
Deleriux
Member
 
Registered: Nov 2003
Posts: 89

Rep: Reputation: 17
Can you not just create the directory that the project will be worked from within and use group sticky on directories (to ensure file group ownerships) then have all users who will be using it put into the group?

Sure, it won't prevent them deleting the directories but that's what backups are for.

I suspect Windows ACLs allow for this kind of relationship but the Unix ones don't from the configurations I've tried.

Frankly if the group have someone who deletes a structure they know not to delete they shouldn't be in the group in the first place. If it's a group's project I would personally see it the responsibility of the group to maintain the project's integrity.
 
  

