Thou shalt not delete!
11.03.07 19:17 |
Mac OS X
This came up in the chatroom. How do you protect a
folder from being deleted while still being able to
write to it? Locking it directly doesn't work,
locking the parent one does, but then you can't write
to the parent dir. Standard UNIX permissions are of
little help, as there is no such thing as a "delete
bit". Enter Access Control Lists. First let's make
sure they're on:
and then we can just take away the right to delete:
+a always adds an ACE, so to delete one:
Suhweet!
> sudo fsaclctl -p / -e
and then we can just take away the right to delete:
> chmod +a "filipp deny delete" test
> ls -e
drwxr-xr-x + 5 filipp filipp 170 Mar 11 19:15 test
0: user:filipp deny delete
+a always adds an ACE, so to delete one:
> chmod -a# 0 test
Suhweet!
|