Prev   Next

File Permissions: Allow write, but not modify 

Newsgroups:  gmane.linux.debian.user
Date:        Thu, 18 Aug 2005 08:04:52 -0700
> Is it possible to set up a directory so that a user can add a new
> file, but once the file is there the same user cannot modify, rename,
> or delete the file?

Sounds like you want a drop box. This is what we do at our work place for drop boxes.

# chmod 2773 /usr/local/share/dropbox
# ls -l
drwxrws-wx  2 root  staff 4096 Aug 18 07:48 dropbox

Then set your samba share to inherit permissions. This should allow a regular user to drop files or folders. If they drop a file, I don't think they will be to overwrite it. However, if they drop a folder with a file in it, and then do it again, they should be able to overwrite it. For most cases, we ask our users to drop folders, that way they can overwrite it if they made a mistake on a file and need to re-drop it in. Either way, only the orignal user who drops stuff in, and the owners/groups of the share have access.

You can do the same for a netatalk share too, but folder drops do not work quite right.

Mike

File Permissions: Allow write, but not modify 

> > Is it possible to set up a directory so that a user can add a new
> > file, but once the file is there the same user cannot modify, rename,
> > or delete the file?
> >
> > The shared directory is a samba share, and will only be accessed
> > through windows, so solving this problem through samba is just as
> > good.
>
> How about setting "create mode 0000" and "directory mode 0000" for the
> share in the smb.conf file. Or the modes to 0444 and 0555, if you want
> the files to be readable. I have not specificly tested this method for
> this purpose, but it should work.

Yes, this method worked the best for me. In samba I set directory mode to 0755, allowing users to add files and directories and set create mode to 0444 so that once a file was written it cannot be modified. So far, this is working well, with the only drawback that the only way to make any changes to the files is as root.

I found that samba 3.0.2 will have an "inherit owner" option which I will employ once released. Then I should ge able to set directory permissions to 775 and file permissions to 744. That should allow members of the group (regular users) to add files, but not move or modify, and a seperate owner account for making any changes when necessary.

Thanks for your help.

Chris Purves


SourceForge.net LogoXpt.SourceForge.netCreative Commons Attribution-ShareAlike License Del.icio.us digg FURL blinklist reddit Feed Me Links Technorati Stumble Upon Google Bookmarks Yahoo My Web Newsvine Socializer Ma.gnolia RawSugar Squidoo Spurl BlinkBits Netvouz Rojo Blogmarks Shadows Simpy Co.mments Scuttle Bloglines Tailrank Wists FARK smarking Segnalo
Single file version available here.
Last updated on 2008-06-17.
To discuss, comment here.
Prev   Next
 Home