LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 04-11-2019, 07:38 AM   #1
1s440
Member
 
Registered: Mar 2018
Posts: 126

Rep: Reputation: Disabled
Permission for not deleting the files


Hello all,

I have a samba share and the users from the shared folder owns the files. Is there any possibility to avoid the users from deleting the files?
Please suggest

my files are


Code:
-rwxrw-rw- 1 hzukl hzukl 0 Apr 11 14:26 test.txt
-rwxrw-rw- 1 hzukl hzukl 0 Apr 11 14:26 test1.txt

Last edited by 1s440; 04-11-2019 at 07:49 AM.
 
Old 04-11-2019, 08:13 AM   #2
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: MID-SOUTH USA
Distribution: Slackware 14.2 current / Linux Mint / Debian / Void Linux
Posts: 8,354

Rep: Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744
That is a good question, I've never thought about that. Which permission gives the delete ability? read, write or execute.

I do know I'd set up the directory for group permissions and not by user ownership to access the dir and files within it. I found this stick bit and something else to set on permissions that might help.
https://ubuntuforums.org/showthread.php?t=1402205
 
Old 04-11-2019, 09:18 AM   #3
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649Reputation: 1649
Its really down to user permissions and selinux setup. If you are the owner of the file you can delete it despite its file mode (0000 for example). But if you were to have an extended acl of 'immutable' then no, you wouldn't be able to delete the file.

If you have a samba share and you don't want people deleting files then you can mount it read-only.

Last edited by szboardstretcher; 04-11-2019 at 09:20 AM.
 
Old 04-12-2019, 05:00 AM   #4
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,585

Rep: Reputation: 271Reputation: 271Reputation: 271
Implement a backup system, if no delete permissions when users are editing a file, they need to save it as another filename. When modifying a file, delete permission is needed or else users cannot overwrite or make changes to the file.

See this: https://wiki.samba.org/index.php/Rot...or_shadow_copy
 
Old 04-12-2019, 05:51 AM   #5
Adrianali
LQ Newbie
 
Registered: Dec 2018
Location: Argentina
Distribution: OpenBSD, Gentoo Linux
Posts: 12

Rep: Reputation: Disabled
If your filesystem supports ACL you should use the setfacl command

Quote:
man setfacl
 
Old 04-12-2019, 07:24 AM   #6
ehartman
Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 470

Rep: Reputation: 198Reputation: 198
Quote:
Originally Posted by 1s440 View Post
Hello all,

I have a samba share and the users from the shared folder owns the files. Is there any possibility to avoid the users from deleting the files?
The capability to delete files is the write permission for the directory those files are in. If the directory doesn't have write access for those users (and they're not the owner either, so that they could change that permission) they canNOT remove files which are in that directory.
The "x" bit for a directory is very special (it is often used on tmp dirs), now users can only delete files they own, no others.

Note that without the "w" permission users cannot add or rename files either in that directory.
 
Old 04-16-2019, 03:44 AM   #7
1s440
Member
 
Registered: Mar 2018
Posts: 126

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by BW-userx View Post
That is a good question, I've never thought about that. Which permission gives the delete ability? read, write or execute.

I do know I'd set up the directory for group permissions and not by user ownership to access the dir and files within it. I found this stick bit and something else to set on permissions that might help.
https://ubuntuforums.org/showthread.php?t=1402205
yes but with stickybit that doesnot help, but when i set the chattr for particular file, it appears to be deleted but wont delete

Last edited by 1s440; 04-16-2019 at 04:00 AM.
 
Old 04-16-2019, 03:52 AM   #8
1s440
Member
 
Registered: Mar 2018
Posts: 126

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by ehartman View Post
The capability to delete files is the write permission for the directory those files are in. If the directory doesn't have write access for those users (and they're not the owner either, so that they could change that permission) they canNOT remove files which are in that directory.
The "x" bit for a directory is very special (it is often used on tmp dirs), now users can only delete files they own, no others.

Note that without the "w" permission users cannot add or rename files either in that directory.
Yes, I dont want to give write permissions, but the users own the file unfortunately
 
Old 04-16-2019, 03:53 AM   #9
1s440
Member
 
Registered: Mar 2018
Posts: 126

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
Its really down to user permissions and selinux setup. If you are the owner of the file you can delete it despite its file mode (0000 for example). But if you were to have an extended acl of 'immutable' then no, you wouldn't be able to delete the file.

If you have a samba share and you don't want people deleting files then you can mount it read-only.
Yes I would like to try it
 
Old 04-16-2019, 07:31 AM   #10
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: MID-SOUTH USA
Distribution: Slackware 14.2 current / Linux Mint / Debian / Void Linux
Posts: 8,354

Rep: Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744Reputation: 1744
I don't know anything about samba share, but permissions go across the board.
As stated, ownership governs permissions. To take away permissions, one needs to remove ownership.

Could you not just give files read only permissions under group permissions, owner root, group whatever you pick?

someone also suggested alc.
 
Old 04-16-2019, 02:14 PM   #11
dc.901
Member
 
Registered: Aug 2018
Location: Atlanta, GA - USA
Distribution: CentOS 6-7; SuSE 8-12
Posts: 323

Rep: Reputation: 75
In SAMBA, there is a "force user" and "force group" option that you can use. I used that many years ago, so I am not sure if that is still available; here is more info:
https://www.thegeekdiary.com/how-to-...a-samba-share/

There there is also option for setting mask with "create mask"

Hope this helps?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Secure Deleting Files in Linux? Overwriting files with bits to secure erase? d9esco Linux - Newbie 9 09-02-2015 10:18 AM
deleting duplicate lines without deleting first instance of the duplicated line jkeertir Linux - Newbie 2 02-07-2011 06:55 AM
deleting files recursively, but not directories tantan Linux - General 2 03-07-2007 06:01 AM
Changing File Permission in a FTP directory to prevent deleting of files shawnbishop Linux - Software 3 01-10-2006 05:41 AM
HD space not going up after deleting files MikeZila Linux - Newbie 8 07-04-2004 09:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 04:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration