| 1 |
-----Original Message----- |
| 2 |
From: Ow Mun Heng [mailto:Ow.Mun.Heng@×××.com] |
| 3 |
Sent: Tuesday, April 04, 2006 9:06 AM |
| 4 |
To: gentoo-server@l.g.o |
| 5 |
Subject: RE: [gentoo-server] dissapearing virtual maildirs |
| 6 |
|
| 7 |
On Tue, 2006-04-04 at 08:53 +0200, Jean Blignaut wrote: |
| 8 |
> |
| 9 |
|
| 10 |
> So I was wondering if there is some way to devide file permissions |
| 11 |
into |
| 12 |
> more than just rwx how about "may be deleted by" - u/g/o and maybe |
| 13 |
"may |
| 14 |
> be created by" - u/g/o or some such (call it precation or maybe just |
| 15 |
> laziness to implement too much error checking in scripts) I hope that |
| 16 |
> some thing like this is covered by extended attributes or some thing |
| 17 |
but |
| 18 |
> I haven't had too much luck finding documentation on the subject. |
| 19 |
|
| 20 |
Have you looked at ACLs? |
| 21 |
|
| 22 |
getfacl |
| 23 |
setfacl etc? |
| 24 |
|
| 25 |
They do provide more fine grained controls. Eg: file owned by root:root, |
| 26 |
but you want user "popeye" to be able to write to it. |
| 27 |
|
| 28 |
eg: setfacl -m u:popeye:rwx,u:oliveoil:r filename |
| 29 |
|
| 30 |
|
| 31 |
rememeber to mount your dir with "acl" mount -o remount,acl /dev/hdX |
| 32 |
|
| 33 |
-- |
| 34 |
Ow Mun Heng |
| 35 |
|
| 36 |
Thanks I'll look into that but it seams more user/access orientated |
| 37 |
rather than giving me more elaborate permissions/attributes. |
| 38 |
I seem to remember that in Novelle DOS 7 199* they had security |
| 39 |
attribs/perms like create,delete,overwrite,move,read so that if you had |
| 40 |
only overwrite and read you would be able to edit a file but not delete |
| 41 |
it. |
| 42 |
|
| 43 |
Some thing like that around? Inoticed that vserver seems to use some |
| 44 |
sort of attribs but can't quite figure out how they work exactly |
| 45 |
|
| 46 |
|
| 47 |
-- |
| 48 |
gentoo-server@g.o mailing list |
Archives