maccadu
asked on
Snow Leopard OSX Server ACLs Query
Hi Guys,
I need some assistance with an ACL setup for a particular folder.
The current Setup includes an Existing Folder with Existing files.
Scenario:
All users within a group (Group A) should be able to access all files currently within this folder (Read and Execute). They should not be able to write to these files or delete them etc.
I also want the ability for users to be able to create a file within this folder that they will own. There will be no permissions available on this new (user) file for any other (non-admin users).
Is this scenario possible? If so, what permissions should I be setting on the folder and having the files inherit to meet this requirement?
Thanks in advance for your assistance!
I need some assistance with an ACL setup for a particular folder.
The current Setup includes an Existing Folder with Existing files.
Scenario:
All users within a group (Group A) should be able to access all files currently within this folder (Read and Execute). They should not be able to write to these files or delete them etc.
I also want the ability for users to be able to create a file within this folder that they will own. There will be no permissions available on this new (user) file for any other (non-admin users).
Is this scenario possible? If so, what permissions should I be setting on the folder and having the files inherit to meet this requirement?
Thanks in advance for your assistance!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Mixing ACLs and POSIX permissions can be tricky but it is far from impossible. Just make sure you don't set overlapping rights on either of them. Unfortunately ACLs do not support sticky bit or the behaviour it provides.
Boris Herman, ACSA
Boris Herman, ACSA
ASKER
Thanks Guys. Split the points, as the solutions provided by both were of assistance.
It's also good practice to also avoid collisions/overlap between POSIX & ACL users & groups permissions.