0

How can I modify a directory so that it is owned by a group and users in that group can add and delete files and create sub directories but are unable to change the permissions on the parent directory? For example I would like any use in the 'users' group to be able to add files to the directory foobar but not change the permissions of foobar? I think an ACL is probably the way to go but I've never had to do this.

[peter@cobbler foobar]# ls -la
total 16
drwxrwx---. 2 peter users 4096 May 14 18:37 .
drwxr-xr-x. 3 root  root  4096 May 14 18:37 ..
-rw-rw----. 1 peter users   37 May 14 18:39 bar
-rw-rw----. 1 sam   users   24 May 14 18:39 foo
Peter
  • 1,102
  • 3
  • 18
  • 32

1 Answers1

0

Changing permissions on a file or directory is only permitted for the owner not members of the group. So strictly speaking what you are asking will happen automatically on any unix system.

However often you want to not only prevent the users from changing permissions on the directory, but also from modifying anything created in that directory by another user. For that you use the sticky bit. You can set that on the directory foobar by typing chmod 1775 foobar, which will additionally set it as writable to owner and group and readable to others.

kasperd
  • 30,455
  • 17
  • 76
  • 124