Hello all,
I have a potentially intriguing little issue that I need to
resolve with our data storage configuration. This involves file
permissions, groups and users on the file system.
Background:
The network is a hodge-podge of various Windows workstations
that are 'controlled' by a Samba PDC with a Samba BDC acting as THE file
serving system. That's not the main issue, since that is all working
fine and has for nearly 10 months now.
The issue is the end users will sometimes get hyperactive with
their clicking and can occasionally click and drag a folder and drop it
into another folder before they know what has happened. Then, I receive
a call because "It just disappeared! I can't find it!!!" and I have to
drop what I am doing and get into fixing their 'issue'.
Below are some likely to be wonked ASCII representations of a
few file systems that I need to perform a "special" lock-down on.
/share/DATA_MAN/Incoming_Data
|
|
+Customer Name One
|
|
+Customer Name Two
|
|
+Customer Name Three
|
|
+Customer Name Four
The above example is hardly representative of the actual folder
as there are dozens additional customer name based folders. With Windows
Explorer these are all stacked right on top of one another and that can
lead to easy mis-clicks.
Right now, each of the shares are locked down via UNIX file
system permissions and only users within a certain group are capable of
reading/writing into the main directories. What I need to do is make it
possible for them to read and write within those folders, but make it
impossible for them to move, rename, delete or alter those main customer
folders.
However, I have so far found that if I remove the group write
bit on the folder, they are unable to add anything into the folder
itself. Which is exactly what I figured would happen, but I had to test
out that theory prior to writing this up.
This issue seems to be something that has likely plagued System
Administrators for many untold years, since the advent of the GUI and
even prior to the major use of GUI tools. So, I imagine that someone out
there, with coding skills much better then my own (since I can barely
code myself into, let alone out of, a box) will have come up with
something to take care of this issue.
Does anyone have any links or firsthand knowledge to take care
of this minor issue? Unfortunately, my Google-Fu is nowhere near as
powerful as I would like it to be...
Thanks in Advance,
Robert Adkins
IT Manager/Buyer
Impel Industries, Inc.
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
