On Sun, Dec 13, 2015 at 3:02 PM, Michelle <miche...@msknight.com> wrote:
> > All I'm trying to do, is ensure that all files written within a > directory, have the same ownership as the directory itself, no matter > what account actually writes them. > Unfortunately, that's something you can't do. There's the setgid bit you can set on a directory, which ensures all newly created files have the same group as the directory, but there's no corresponding facility for the file owner. Using ACLs can allow you limited control over permissions - and you can extend permissions to multiple users and groups (rather than the single group that you normally use with traditional unix permissions). But even with ACLs you can only set the initial permissions on newly created files. If the application you're using to add the files starts to manipulate permissions itself (and many do) then even ACLs can't help you. What I normally do is: 1. Use basic unix groups to control access 2. Use the permissions of the top-level directory to act as a primary access filter - make it group owned by the appropriate group, usually setgid, and don't allow any access to other if you want to keep it private (mode 770). 3. If you can, control the application(s). For instance, you can tell samba what the default permissions should be. 4. For when all else fails, have a cron job that fixes up anything that's become broken. -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ _______________________________________________ openindiana-discuss mailing list openindiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss