I want to allow a regular user (group of admins) to chown a file that they own to another user. By default only root can do this. I know I can get around this with SUID and SUDO, but I want to be more restrictive than just letting the users run the chown command as root on any file.
I would like to write a script that first verifies that the user owns the file and that the user is not going to change the owner to certain owners (e.g root). So rather than open up unlimited chown access, I want to only run the command as root after checking some things in the script. Any way to do this?