[lug] No rename: permissions and ACL's
Ben
bluey at iguanaworks.net
Mon Oct 16 16:16:32 MDT 2006
I'm having a problem with ACL's on Linux. I can't stop users from
renaming a directory. I have a much of users with rwx access to a
directory. They can create directories, files, etc. Permissions for that
directory are:
bash# getfacl ..
# file: ..
# owner: bluey
# group: root
user::rwx
group::---
group:Engineers:rwx
mask::rwx
other::---
default:user::rwx
default:group::---
default:group:Engineers:rwx
default:mask::rwx
default:other::---
Now I want to have a subdirectory (test2) be read only. So I set the
permissions of the sub directory (and files under the directory) to:
bash# getfacl test2/
# file: test2
# owner: root
# group: root
user::rwx
group::---
group:Engineers:r-x
mask::r-x
other::---
default:user::rwx
default:group::---
default:mask::---
default:other::---
And it works in that people cannot edit the files, or add new ones, etc.
But they can rename the directory! (mv test2 ben-has-bad-security) How
can I stop users from doing that? Now, users cannot rename directories
under test2, so I think the problem is with the permissions of the
parent directory. But I want users to have rwx access to that directory
to they can create and delete other directories.
Thanks,
Ben
More information about the LUG
mailing list