Hello fellow linuxers,
I am having some problem with Linux file permissions. It is simple but some how I am not able to arrive at a perfect solution.
I am having four folders in another folder called 'departments'. They are 'sales','accounts','support' and 'management'.
I want to accomplish the following objectives:- 1) All people can access 'departments' folder. 2) People belonging to a particular department have read/write access in their folder only. eg. sales people can read/write in sales folder etc. 3) People belonging to other departments cannot *see* into other departments folder. eg.support people cannot *see* anything in sales, accounts, management folder etc. 4) People belonging to 'management' can read/write into all folders. 5) People belonging to 'accounts' can *read* 'sales' folder . They cannot add/delete files.
I know that I have to use usermod,groupmod,chmod,chown.chgrp commands. But I am not able to work out on what exact folder/file to work on.
I am using RedHat Linux 9 ( I don't think distribution matters! )
Please help me with this situation.
Hitesh
__________________________________ Do you Yahoo!? New Yahoo! Photos - easier uploading and sharing. http://photos.yahoo.com/
On Sat, 27 Dec 2003, Hitesh Lad wrote:
- People belonging to 'accounts' can *read* 'sales' folder . They cannot add/delete files.
I think this is not possible with traditional scheme of permissions. The problem is you are trying to give different group permissions ( mgmt and acc ) to a single folder ( sales )
I think you have to use Access Control List (ACL's ) for this.
On Sun, 2003-12-28 at 12:08, Nikhil Joshi wrote:
On Sat, 27 Dec 2003, Hitesh Lad wrote:
- People belonging to 'accounts' can *read* 'sales' folder . They cannot add/delete files.
I think this is not possible with traditional scheme of permissions. The problem is you are trying to give different group permissions ( mgmt and acc ) to a single folder ( sales )
I think you have to use Access Control List (ACL's ) for this.
What you are trying to achieve is certainly not simple with the traditional file mode permission bits that UNIX/LINUX offers. You definitely need to used ACLs.
If you are running 2.4, get the kernel patches from the above site, apply and recompile the kernel. In case you are running 2.6, ACLs and Extended Attributes(EA) support is already there. Also be sure to upgrade the mentioned packages like coreutils etc.
More info and papers on ACL is on the SUSE website: http://www.suse.de/~agruen/
-
Ashok Iyer -
Hitesh Lad -
Nikhil Joshi