
Permission Related


I have a dir /test owned by user abc. I have a few files under this dir which are owned by user xyz.
Q: Can I restrict user abc from deleting the files owned by xyz under /test?

By default user abc can delete these files even if the permission is 000.
It Has Been...
Steven E. Protter
Exalted Contributor

Re: Permission Related

Staying away from ACL's

Permissions on files owned by xyz can be 700

owner can do as he/she pleases, nobody else can see or change anything.

chmod 700 file_owned_by_xyz

That would do it. There would be no sharing.

perhaps chmod a+r file_owned_by_xyz
perhaps chmod o-w file_owned_by_xyz
perhaps chmod g-w file_owned_by_xyz

Anyone can read, nobody else can write (thereby delete).

There are lots of answers.

Is this a multiple choice question?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
twang
Honored Contributor

Re: Permission Related

In your case, I don't think you can prevent abc from removing xyz's files from abc's dir.
Ollie R
Respected Contributor

Re: Permission Related

Hi,

Here is an alternative you might consider:

chown root:users /test
chmod 1770 /test
chmod 750 /test/*
chgrp users /test/*

Presuming users "abc" and "xyz" are members of the "users" group, they can access the directory "/test" but can only remove files that they own.
Of course, the files themselves must not be writable by group, or they can be removed by any user that is a member of "users".

Hope this helps,

Ollie.
To err is human but to not award points is unforgivable
Dagmar Boelen
Frequent Advisor

Re: Permission Related

Hi,

Try the sticky-bit!! I copied a piece of a hp-ux manual. Should do the trick for you!!

chmod u+t /test

The most common modern meaning of sticky bits is in the context of directories. When the sticky bit is set on directories, files in that directory cannot be moved or renamed, except by the owner or superuser, even if the privileges on the file would otherwise permit such modifications. The sticky bit is commonly set on the /tmp directory as a security measure.

(please assign points, if it helps of course!)

Re: Permission Related

The scenario is as below; the logged-in id is wls61.
wls61@dhlin1vb:/u1/home/srini> ll -d a
drwxr-xr-t 2 root sys 96 Jul 9 18:42 a/
wls61@dhlin1vb:/u1/home/srini> cd a
wls61@dhlin1vb:/u1/home/srini/a> ll
total 0
-rw-r----- 1 wls61 dhl 0 Jul 9 18:05 c
-rw-r----- 1 srini dhl 0 Jul 9 18:05 d
wls61@dhlin1vb:/u1/home/srini/a> rm c
c: ? (y/n) y
rm: c not removed. Permission denied
wls61@dhlin1vb:/u1/home/srini/a>

Why am I not able to remove the id using wls61? If I change the ownership of dir 'a' to id 'srini', then 'srini' is able to delete file 'c' which is owned by wls61 id.

It Has Been...
Ollie R
Respected Contributor
Solution

Re: Permission Related

Hi,

Because your user does not have WRITE permission on the directory.

Ollie.
To err is human but to not award points is unforgivable
Ionut Grigorescu_2
Super Advisor

Re: Permission Related

Hi,

The previous response is correct - you don't have write permission on the directory and the directory is home for srini, so srini can delete the file - you can't.
If it weren't for STRESS I'd have no energy at all
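
The rules discussed in this thread, as an added example that is not part of any poster's reply: a shell function that decides from the `ls -ld` fields alone whether a user may remove a file from a directory, replayed on the cases above. The function name `can_unlink` and the group memberships (wls61 only in dhl, abc in users) are assumptions; ACLs are not modelled.

```shell
#!/bin/sh
# can_unlink USER "USER_GROUPS" DIR_MODE DIR_OWNER DIR_GROUP FILE_OWNER
# All inputs are plain strings as printed by `ls -ld`; nothing is read from disk.
# The file's own mode is not an input: removing a directory entry never checks it.
can_unlink() {
    user=$1 groups=$2 dmode=$3 downer=$4 dgroup=$5 fowner=$6
    if [ "$user" = root ]; then
        echo "allowed: superuser"; return 0
    fi

    # Exactly one permission triplet applies: owner, else group, else other.
    if [ "$user" = "$downer" ]; then
        cols=2-4
    else
        case " $groups " in
            *" $dgroup "*) cols=5-7 ;;
            *)             cols=8-10 ;;
        esac
    fi
    perms=$(printf '%s' "$dmode" | cut -c"$cols")

    # Removing an entry needs write and search on the directory.
    # x, s and t all mean the search bit is set (S and T mean it is not).
    case $perms in
        ?w[xst]) ;;
        *) echo "denied: no write+search permission on directory"; return 1 ;;
    esac

    # The sticky bit shows as t or T in the 10th character of the mode string.
    case $(printf '%s' "$dmode" | cut -c10) in
        [tT])
            if [ "$user" = "$fowner" ] || [ "$user" = "$downer" ]; then
                echo "allowed: sticky directory, user owns the file or the directory"
                return 0
            fi
            echo "denied: sticky directory, file owned by $fowner"; return 1 ;;
    esac
    echo "allowed: directory is writable, file owner and mode are not checked"
}

# Replay of the thread's cases (group memberships are assumed, see lead-in).
can_unlink abc   users drwxr-xr-x abc   users xyz   || true  # original question
can_unlink wls61 dhl   drwxr-xr-t root  sys   wls61 || true  # the pasted session
can_unlink srini dhl   drwxr-xr-t srini sys   wls61 || true  # after chown to srini
can_unlink abc   users drwxrwx--T root  users xyz   || true  # after chmod 1770 /test
```
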