On 02/03/12 08:52, Bernhard Voelker wrote:
On 03/01/2012 11:30 PM, lynn wrote:
Hi Is there a way to implement m$ modify? i.e. a group can read and write files but not change their name? _I_'ve looked through setfacl but it doesn't seem to cover this one. Thanks, L x
For renaming a file you need write permissions to the directory. Therefore, just set the group permissions of the directory to g-w and for the files to g+w:
$ id -gn users $ ls -ld . a drwxr-x--- 2 root users 4096 Mar 2 08:40 . -rw-rw---- 1 root users 6 Mar 2 08:45 a $ echo hello> a $ rm a rm: cannot remove `a': Permission denied $ mv a d mv: cannot move `a' to `d': Permission denied
Of course, in this example, only root can create new files. So check out for the sticky bit, usually applied e.g. in /tmp.
Have a nice day, Berny
Hi The problem now is that the group cannot create new files in the directory. Sorry, I didn't explain very well. I have the sticky bit set and I need to be able tow write o the directory as a group member: lynn2@hh3:/home/CACTUS/dropbox> id uid=3000029(lynn2) gid=3000020(suseusers) groups=3000020(suseusers) lynn2@hh3:/home/CACTUS/dropbox> touch a touch: cannot touch `a': Permission denied lynn2@hh3:/home/CACTUS/dropbox> ls -la total 16 drwxrws---+ 2 root suseusers 4096 Mar 2 12:11 . drwxr-xr-x 9 root root 4096 Feb 28 18:19 .. lynn2@hh3:/home/CACTUS/dropbox> touch a lynn2@hh3:/home/CACTUS/dropbox> ls -la total 16 drwxrws---+ 2 root suseusers 4096 Mar 2 12:13 . drwxr-xr-x 9 root root 4096 Feb 28 18:19 .. -rw-rw----+ 1 lynn2 suseusers 0 Mar 2 12:13 a lynn2@hh3:/home/CACTUS/dropbox> getfacl ../dropbox/ # file: ../dropbox/ # owner: root # group: suseusers # flags: -s- user::rwx group::rwx mask::rwx other::--- default:user::rwx default:group::rw- default:mask::rw- default:other::--- lynn2@hh3:/home/CACTUS/dropbox> mv a b lynn2@hh3:/home/CACTUS/dropbox> ls -la total 16 drwxrws---+ 2 root suseusers 4096 Mar 2 12:15 . drwxr-xr-x 9 root root 4096 Feb 28 18:19 .. -rw-rw----+ 1 lynn2 suseusers 0 Mar 2 12:13 b lynn2@hh3:/home/CACTUS/dropbox> IOW group members still need to be able to create files but once created the files do not change name. On windows, it's the modify flag: http://4.bp.blogspot.com/-eEJsd2TOny8/T05PbDh85zI/AAAAAAAAARI/Axx-76I4DEA/s1... Any ideas? Salu2, L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org