Joseph Sinclair wrote:
> AFAICT, what you're trying to do requires ACL-type access controls
> assignable on a per-object basis. Linux does not natively support ACL's
> or per-object access.
Natively, not necessarily, but XFS allows sophisticated ACLs on files.
http://linsec.ca/filesystems/xfs.php
Additionally, a lot of people are unaware of the chattr/lsattr
attributes on ext2/3 filesystems, which come in pretty handy. You can,
for example, give people a .bash_history that is append-only, meaning
noone (not even root!) can overwrite it or delete it without chattr'ing
the append-only flag. Additionally, there's a register in /proc or /sys
one can poke to disable this feature irrevocably until the next reboot-
meaning that to remove the attribute you must first reboot the system.
That said, I get the impression that a standard "group" setup,
appropriate umask settings in the users .whateverrc files, and perhaps
sudo for managers or admin staff is what the OP is really looking for.
~Ben
--
---
"Confession only helps if you actually feel bad for your actions.
For you, it would just be a really long boast."
-Tara
http://www.emptiedout.com
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)