0

This is a little embarrassing to ask, but I just set up a ubuntu server with openssh.

Is it possible to create a user that has read-only access to chmod **7 files if that user is not the owner, nor part of the group? In other words files with **7 permissions would appear as **4 when you're logged in as that user but would appear as **7 when you're logged in as other users.

user784637
  • 1,542
  • 7
  • 35
  • 52

3 Answers3

6

The permission mask is defined as: {user, group, other}. So just chmod the file 664? The person who owns the file can read/write it, people in the same group can read/write it, and it's read-only for everyone else.

Otherwise please explain what problem it is that you're trying to solve; I get the sense that you're trying to bake a cake with a hammer.

MrTuttle
  • 1,176
  • 5
  • 5
1

If I understand correctly, you want to set a file **7 but then limit a certain user's permissions to that file to read-only.

This is not possible (with standard shell/linux permissions).

You want to use groups in this case. Give your group full permissions and then make sure that user is not part of the group. Then change the group on the file you are trying to control.

jeffatrackaid
  • 4,142
  • 19
  • 22
  • It's possible, using two methods, SELinux and ACLs. You can even make it so that only root user cannot view a file with 777 permissions using SELinux. – Red Tux Jan 03 '12 at 18:19
  • That's what I meant by standard shell/linux permissions. With ACL/SElinux you can certainly put in some very fine limits. – jeffatrackaid Jan 03 '12 at 19:33
0

If you want to have a file which all users but one can access, then make the file world readable (o+r), and then put the user who should not have access to it into a group, put the file into that group and make the file g-r. This would be more useful if files could be in multiple groups. Or look at extended ACLs.

mcr
  • 233
  • 1
  • 10