Re: deny deleting a file for users

From: CaT (cat_at_zip.com.au)
Date: 06/02/03

Next message: Glynn Clements: "Re: deny deleting a file for users"

Previous message: carrion_at_ravel.ufrj.br: "Re: Linux firewall/IDS/NAT suggestions"
Maybe in reply to: Seth Arnold: "Re: deny deleting a file for users"
Next in thread: Glynn Clements: "Re: deny deleting a file for users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 3 Jun 2003 00:48:43 +1000
To: Sandra Hernandez <sandra@fib.upc.es>

On Fri, May 30, 2003 at 03:14:30PM +0200, Sandra Hernandez wrote:
> Hello,
>
> I would like to know if there exist any way to deny deleting a file
> for a user, but allow this user accessing, removing parts of this file
> or append text? We have problems in our systems because some users
> delete theirs own nsmail file without notice what they are doing.

There are some things you can do but they are all messy. Try this
instead:

mkdir /home/NSMAIL # in caps to keep it out of the way of the usernames.
you could also use /home/.nsmail

move all the nsmail folders out of the users dirs and into the above,
naming each folder after its user. eg if the user is moocow then you'd
do:

mv ~moocow/nsmail /home/NSMAIL/moocow

In /etc/profile (and other startup scripts for other shells used by
your users) put int he following (or its othershell equivalent):

export MAIL_DIR=/home/NSMAIL/`id -nu`

And your problem should prettymuch be solved. If they then do

cd /home/NSMAIL/moocow
rm -fvr *

Then they deserve it. :)

Obviously for new users you'd precreate the right directory. Permissions
should be:

chmod 711 /home/NSMAIL
chmod 700 /home/NSMAIL/*/

That way privacy is kept. The /home/NSMAIL/*/ dirs should be owned by
their respective users (ie moocow will own /home/NSMAIL/moocow)

Hope this helps. :)

(oh yeah. just to be clear, the export line is for bash :)

-- 
Martin's distress was in contrast to the bitter satisfaction of some
of his fellow marines as they surveyed the scene. "The Iraqis are sick
people and we are the chemotherapy," said Corporal Ryan Dupre. "I am
starting to hate this country. Wait till I get hold of a friggin' Iraqi.
No, I won't get hold of one. I'll just kill him."
	- http://www.informationclearinghouse.info/article2479.htm

Next message: Glynn Clements: "Re: deny deleting a file for users"

Previous message: carrion_at_ravel.ufrj.br: "Re: Linux firewall/IDS/NAT suggestions"
Maybe in reply to: Seth Arnold: "Re: deny deleting a file for users"
Next in thread: Glynn Clements: "Re: deny deleting a file for users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]