I know this is an old post but I had similar question which I think I have understood now so I am just putting it out there in case it is helpful to someone else searching for this. Also I don't think Methus' is original question got answer completely so here goes. Please correct me if I am wrong.
Lets say you have a directory called "Docs" permissions as follows (note: no sticky bit)
Code:
drwxrwx--- 2 root users 4096 Jul 8 04:47 Docs
And two files inside the directory "Docs" file1 created by alice and file2 created by bob with permission as follows:
Code:
-rw-r----- 1 alice alice 5 Jul 8 00:28 file1
-rw-r----- 1 bob bob 9 Jul 7 21:52 file2
In this case bob would be able to delete file1 even though he has only read access to the file (in either owner or group permissions). Actually it is the permissions on the directory that determine if bob can delete the file so in this case bob has write permissions on the directory (because he is in the "users" group).
Now lets say we add a sticky bit to "Docs"
And so now "Docs" permission becomes (with sticky bit):
Code:
drwxrwx--T 2 root users 4096 Jul 8 04:47 Docs
Now bob will not be able to delete alice's file1 because of the Sticky bit.... I think this is what you wanted Methus. In this case only the owner (alice) of file1 can delete it.
If you want to implement this with Samba just use "force directory mode = 1000" in the /etc/samba/smb.conf config file for the your share and then every folder you create under that share will have the sticky bit set. See this. More specifically "force directory mode" does a 'OR'ing of permission bits so that every permission number will have 1 in the beginning eg: 0755 OR 1000 = 1755 => folder with sticky bit.
Example smb.conf code:
Code:
[Docs]
writeable = yes
path = /Docs
force directory mode = 1000
With regard to Setting the SUID/SGID bits you might wanna check this link out.
Adv Reply
Originally Posted by Methus
Bookmarks