0

I want to set up a folder such that anything created within it (directories, files) inherits default permissions and group, by any user (root also).

So, the content of this folder will be deleted by my user.

2
  • This question is unclear: What OS? - I'm assuming Linux. Are you wanting a directory where anybody (including root) writes here will always have a specific user/group? Doesn't work that way on Linux although root can easily change any file/directory ownership recursively.
    – Peleion
    May 5, 2020 at 16:00
  • I use CentOS Linux. I am waiting for a folder where anybody can write (subfolders and files), so I can delete the content with my user, without using sudo. May 5, 2020 at 16:40

2 Answers

2

So, you'll need to be using a filesystem that supports user and group ACLs (ext4 and xfs both do; but ext4 needs to be mounted with the "acl" option set - "mount -o defaults,acl", for example).

Then you just need to set the default facl to include full permissions for your user and r/x for everyone else. Say the directory the files need to be in is called /directory and your user is called MYUSER, and you put "all other users" in a group called USERS, you'd do something like this:

    setfacl -d -m u:MYUSER:rwx /directory
    setfacl -d -m g:USERS:r-x /directory
    setfacl -m g:USERS:r-x /directory
    setfacl -m u:MYUSER:rwx /directory

Now any new files created in /directory are readable, writable, and executable by you; but only readable and executable by the USERS group.

To learn more about the use of filesystem ACLs, you can consult RedHat's excellent documentation

4
  • 1
    Nice solution. I was trying to avoid having the OP dive into SELinux configuration
    – Peleion
    May 5, 2020 at 17:40
  • Agreed - technically, ACLs aren't SE Linux. They're complicated in their own right, but in a way that builds more naturally on filesystem permissions than SE Linux contexts do. May 5, 2020 at 17:41
  • No, but I also need the file to be writable by its author; in this case, any user can write a file, and I can delete them. May 6, 2020 at 6:52
  • Deleting and writing are the same permission. If you can write, you can delete - there's no good way around that issue (short of a complicated architecture where users write files in one place and a sync process of some sort - say lsync or some such - moves them to a place where another user can delete them). May 6, 2020 at 16:45
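
One way to check the result of the setfacl commands in the answer above (an added example, not part of the original answer or its comments): the function reads `getfacl` output and reports what MYUSER can inherit from the default ACL once the default mask is applied. The getfacl listings are constructed samples, and `effective_default_perm`, `sample_as_configured` and `sample_masked` are hypothetical names.

```bash
# Added example (not from the answer): audit the default ACL of a shared directory.
# Usage on a real system: getfacl /directory | effective_default_perm MYUSER

# Print the rights USER can inherit on new entries: the default:user:USER entry
# ANDed with default:mask. This is an upper bound; the mode requested by the
# creating program can lower the mask on the new file further.
effective_default_perm() {
    awk -F: -v user="$1" '
        { sub(/[ \t]*#.*/, "") }                     # strip "# file:" / "#effective:" comments
        $1 == "default" && $2 == "user" && $3 == user { entry = $4 }
        $1 == "default" && $2 == "mask"               { mask = $4 }
        END {
            if (entry == "") exit 1                  # no named default entry for this user
            if (mask == "") mask = "rwx"             # no mask line: entry applies as written
            for (i = 1; i <= 3; i++) {
                e = substr(entry, i, 1)
                out = out ((e != "-" && substr(mask, i, 1) != "-") ? e : "-")
            }
            print out
        }'
}

# Constructed getfacl output: /directory after the four setfacl commands above.
sample_as_configured() {
cat <<'EOF'
# file: directory
# owner: root
# group: root
user::rwx
user:MYUSER:rwx
group::r-x
group:USERS:r-x
mask::rwx
other::r-x
default:user::rwx
default:user:MYUSER:rwx
default:group::r-x
default:group:USERS:r-x
default:mask::rwx
default:other::r-x
EOF
}

# Constructed variant: same entries, but the default mask was later tightened.
sample_masked() { sample_as_configured | sed 's/^default:mask::rwx$/default:mask::r-x/'; }

echo "as configured: $(sample_as_configured | effective_default_perm MYUSER)"
echo "masked:        $(sample_masked | effective_default_perm MYUSER)"
```

A non-zero exit status with no output means the directory has no default entry for that user, so nothing would be inherited.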
1

folder where anybody can write here, (subfolder and file)

You can set the main folder's permissions: chmod 0777 but other users cannot access it unless the same permissions exist all the way to the root directory - not a good security measure in home directories. In addition SELinux permissions may cause problems with users writing outside their home directories.

I can delete the content with my user; without using sudo

Deleting files created in such a directory would still have to be done as sudo/root unless the files are all created with a specific group with group write permissions and your user is also a member.

In short, what you're asking to do is not really feasible.

2
  • Actually, it's feasible - you'll just need to use filesystem ACLs instead of filesystem permissions (setfacl/getfacl instead of chmod/ls) May 5, 2020 at 17:29
  • How can I use ACLs? May 5, 2020 at 19:56
