1

I am working on adding a few people to work on my site but I want them to only be able to access certain files as they are going to be working on a live site for the very first time.

I want the user to be given hand picked file access by me (the admin) and allow them to do everything but delete that file.

Is this even possible? If so how would this work? (I DID google this)

user115422
  • 4,662
  • 10
  • 26
  • 38

1 Answers1

2

Put the file(s) into directory these users has only r+x access, but allow the write access on the file itself. This will prevent the file from deletion while the editing will be possible.

As an option put the files into some directory they have no write access and then hard link the files into their home directories - they will be able to remove the files only from their home directories.

Serge
  • 6,088
  • 17
  • 27
  • ah yes but thats only part of my problem, you see i want the users code to be put online instantly... and also i need it to be kept in the sites directory which has rights to all users to rwx (I understand the risks but i need it like that) also what about creating a user as such? Thanks - I plus voted your answer :) as it was helpful – user115422 Oct 21 '12 at 03:11
  • 1
    what you mean `creating a user as such`?? May be `man useradd` would help? – Serge Oct 21 '12 at 03:15
  • As for rwx on directory see the edit to the answer - just hardlink all files in the non-writable dirs – Serge Oct 21 '12 at 03:17
  • thanks but im new to bash. I mean how would I make a user with restricted privs? I dont want them to look at code unauthorized and what do u mean about hardlink? – user115422 Oct 21 '12 at 03:18
  • about hard links: see 'man ln' (use `ln` without -s option). about how files are managed in unix read this please: http://unix.stackexchange.com/questions/49299/what-is-linux-doing-differently-that-allows-me-to-remove-replace-files-where-win/49306#49306; about restricted privileges - they will be ordinary users, so will not be able to do any harm unless you give write access to files/directories. The same applies to the privacy: don't give the read access to the things they should not see. – Serge Oct 21 '12 at 03:23
  • Serge okey, but its becomming late with me, do you want to start a chat so we can pick it up whenever? I have to go soon :) – user115422 Oct 21 '12 at 03:26
  • I can't see the point to set up a chat. You always have 1) `man` tool to read info about particular commands; 2) seek the internet for recipes - the good keyword is `howto` (a single word); 3) ask questions here :) – Serge Oct 21 '12 at 03:29
  • no tis just that i like your answer and i want you to be able to help me out. – user115422 Oct 21 '12 at 03:32