1 |
-----Original Message----- |
2 |
From: Ow Mun Heng [mailto:Ow.Mun.Heng@×××.com] |
3 |
Sent: Tuesday, April 04, 2006 9:06 AM |
4 |
To: gentoo-server@l.g.o |
5 |
Subject: RE: [gentoo-server] dissapearing virtual maildirs |
6 |
|
7 |
On Tue, 2006-04-04 at 08:53 +0200, Jean Blignaut wrote: |
8 |
> |
9 |
|
10 |
> So I was wondering if there is some way to devide file permissions |
11 |
into |
12 |
> more than just rwx how about "may be deleted by" - u/g/o and maybe |
13 |
"may |
14 |
> be created by" - u/g/o or some such (call it precation or maybe just |
15 |
> laziness to implement too much error checking in scripts) I hope that |
16 |
> some thing like this is covered by extended attributes or some thing |
17 |
but |
18 |
> I haven't had too much luck finding documentation on the subject. |
19 |
|
20 |
Have you looked at ACLs? |
21 |
|
22 |
getfacl |
23 |
setfacl etc? |
24 |
|
25 |
They do provide more fine grained controls. Eg: file owned by root:root, |
26 |
but you want user "popeye" to be able to write to it. |
27 |
|
28 |
eg: setfacl -m u:popeye:rwx,u:oliveoil:r filename |
29 |
|
30 |
|
31 |
rememeber to mount your dir with "acl" mount -o remount,acl /dev/hdX |
32 |
|
33 |
-- |
34 |
Ow Mun Heng |
35 |
|
36 |
Thanks I'll look into that but it seams more user/access orientated |
37 |
rather than giving me more elaborate permissions/attributes. |
38 |
I seem to remember that in Novelle DOS 7 199* they had security |
39 |
attribs/perms like create,delete,overwrite,move,read so that if you had |
40 |
only overwrite and read you would be able to edit a file but not delete |
41 |
it. |
42 |
|
43 |
Some thing like that around? Inoticed that vserver seems to use some |
44 |
sort of attribs but can't quite figure out how they work exactly |
45 |
|
46 |
|
47 |
-- |
48 |
gentoo-server@g.o mailing list |