+ Post New Thread
Results 1 to 9 of 9
Mac Thread, Folder Permissions 'challenge' in Technical; I have created a network "student share" folder that all students can access (read/write). I want to put a "rules ...
  1. #1
    theeldergeek
    Guest

    Question Folder Permissions 'challenge'

    I have created a network "student share" folder that all students can access (read/write).

    I want to put a "rules and regs of using this folder README" .pdf in there.

    Although I want the student to be able to read this file, I do not want them to be able to delete it.
    I can't find an easy way to do this.

    So, how do I have a read/write folder but have a read only and delete protected file existing in there too?

    The folder in question exists on our Xserve but is set as a login 'map' on their desktop when students log in.

    Mac OS X

    A virtual pint to the author of the easiest method! (in respect of what I have to do and understand!!)


  2. #2
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    895
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    Terminal...

    What account do you log in as that has local admin permissions for updating this file? Substitute that accounts' login for admin in the below example.

    Code:
    sudo chown admin:system /path/to/filename.meh && chmod 744 /path/to/filename.meh
    First part of command sets the owner of the file to the supplied username, and group... second part makes it read/write/executeable to the owner (the 7), read only to group members (4), read only to everyone else (4).

    If you're logged in as the local admin user, then you can do what you want with the file... if you're logged in as anyone else, then it's completely read only, despite residing in a read/write enabled folder.
    Last edited by Marci; 8th June 2009 at 09:11 PM.

  3. Thanks to Marci from:


  4. #3
    theeldergeek
    Guest
    Quote Originally Posted by Marci View Post
    Terminal...

    What account do you log in as that has local admin permissions for updating this file? Substitute that accounts' login for [admin] in the below example.

    Code:
    sudo chown [admin]:nobody /path/to/filename.meh && chmod 744 /path/to/filename.meh
    If you're logged in as the local admin user, then you can do what you want with the file... if you're logged in as anyone else, then it's completely read only, despite residing in a read/wrtie enabled folder.
    Wow thanks! Will try it tomorrow when I can access the Xserve.

  5. #4
    theeldergeek
    Guest
    Quote Originally Posted by Marci View Post
    Terminal...

    What account do you log in as that has local admin permissions for updating this file? Substitute that accounts' login for admin in the below example.

    Code:
    sudo chown admin:system /path/to/filename.meh && chmod 744 /path/to/filename.meh
    First part of command sets the owner of the file to the supplied username, and group... second part makes it read/write/executeable to the owner (the 7), read only to group members (4), read only to everyone else (4).

    If you're logged in as the local admin user, then you can do what you want with the file... if you're logged in as anyone else, then it's completely read only, despite residing in a read/write enabled folder.
    OK, didn't work :-(

    the file is called readme.pdf residing in a folder called Student Share on a volume called Data

    so what I actually typed into terminal was :

    sudo chown sadmin:system /volumes/data/'Student Share'/readme.pdf && chmod 744 /volumes/data/'Student Share'/readme.pdf

    Press "Enter" and the terminal reports "chown: system: invalid argument"

    Clearly I'm doing something wrong.

    *update*

    I can set the owner OK, done that in terminal and confirmed this with "get info".

    What doesn't seem to be working is the chmod part because I can still rename the file as another user, so clearly the read only permission is not being set.
    Last edited by theeldergeek; 9th June 2009 at 08:52 AM.

  6. #5
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    895
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    terminal reports "chown: system: invalid argument"
    That means that you don't have a group on your server called system.

    In terminal...

    Code:
    sudo touch /tmp/test.fil
    cd /tmp
    ls -ltra
    You should see back something as follows...

    -rw-r--r-- 1 user group 0 9 Jun 08:47 test.fil

    What's in bold is what you need for the chown... so it'd be...

    Code:
    chown user:group /path/to/filename.meh && chmod *snip*
    If it still lets users do stuff to it, then it's inheriting permissions of the share so you need to remove inheritance on that file...

    Code:
    chmod -I /path/to/filename.meh && chown user:group /path/to/filename.meh && chmod 744 *snip*
    Last edited by Marci; 9th June 2009 at 09:06 AM.

  7. #6
    theeldergeek
    Guest
    Quote Originally Posted by Marci View Post
    That means that you don't have a group on your server called system.

    In terminal...

    Code:
    sudo touch /tmp/test.fil
    cd /tmp
    ls -ltra
    You should see back something as follows...

    -rw-r--r-- 1 user group 0 9 Jun 08:47 test.fil

    What's in bold is what you need for the chown... so it'd be...

    Code:
    chown user:group /path/to/filename.meh && chmod *snip*
    If it still lets users do stuff to it, then it's inheriting permissions of the share so you need to remove inheritance on that file...

    Code:
    chmod -I /path/to/filename.meh && chown user:group /path/to/filename.meh && chmod 744 *snip*
    Clearly something I'm doing isn't right.

    If I type:

    Code:
    ls -l readme.pdf
    I get:

    Code:
    -rwxr--r-- 1 sadmin:wheel
    so permissions seem to be in order.

    however, the file can still be renamed/deleted by anyone.

    so, trying the inherited permissions approach, I try:

    Code:
    sudo chmod -I readme.pdf
    I then get the response:

    Code:
    chmod: No ACL currently associated with the file 'readme.pdf'
    ?????

  8. #7
    Marci's Avatar
    Join Date
    Jun 2008
    Location
    Wakefield, West Yorkshire
    Posts
    895
    Thank Post
    84
    Thanked 235 Times in 194 Posts
    Rep Power
    82
    Dammit. Wish OSX'd stick to working by the rulebook...

    Anyways... only fix I can find for you is to create a folder in there called "Rules and Regs"

    Head to ServerAdmin > FileSharing > Sharepoints > Browse...

    Browse thru your sharepoint til you hit your new folder. Select it. Hit the cog-button and choose "Make Inherited Entries Explicit", and that should then free up the ACL entries to be edited (they will have been greyed out previously as they were defined by inheritance)... and set whichever user types you want to readonly etc... and then pop your rules files inside that folder.

  9. #8
    rolfea's Avatar
    Join Date
    Nov 2008
    Location
    Hereford
    Posts
    682
    Thank Post
    66
    Thanked 50 Times in 25 Posts
    Rep Power
    21
    Can't you just right click the file, get info and check the settings in there.

    Might need to check the file doesn't inherit permissions in Server Admin, so the folder's permissions doesn't apply to all descendants before hand.

    edit: sorry to repeat, I hadn't refreshed this page, done a job then come back to it and hadn't realised there was another reply.

    But if you log in as the Server Admin, should be able to change all the permissions from the Get Info panel.

    Or have I over simplified your problem?
    Last edited by rolfea; 9th June 2009 at 10:53 AM.

  10. #9
    theeldergeek
    Guest
    Quote Originally Posted by Marci View Post
    Dammit. Wish OSX'd stick to working by the rulebook...

    Anyways... only fix I can find for you is to create a folder in there called "Rules and Regs"

    Head to ServerAdmin > FileSharing > Sharepoints > Browse...

    Browse thru your sharepoint til you hit your new folder. Select it. Hit the cog-button and choose "Make Inherited Entries Explicit", and that should then free up the ACL entries to be edited (they will have been greyed out previously as they were defined by inheritance)... and set whichever user types you want to readonly etc... and then pop your rules files inside that folder.

    I've solved it!

    on the server, I've 'got info' on the file, set permissions to read only for everyone (except admin) and then 'locked' the file using the checkbox within the info pane!

    Seems to have worked!

    Just doing some extended testing now....

SHARE:
+ Post New Thread

Similar Threads

  1. Folder Redirection and Permissions
    By bmittleider in forum Windows Server 2008
    Replies: 1
    Last Post: 11th June 2009, 02:23 PM
  2. FTP Folder Permissions...
    By RTi in forum EduGeek Joomla 1.5 Package
    Replies: 5
    Last Post: 21st July 2008, 08:44 AM
  3. Folder Permissions on a Different Domain
    By sqdge in forum Windows
    Replies: 5
    Last Post: 23rd January 2008, 11:39 AM
  4. Folder Permissions
    By wesleyw in forum Windows
    Replies: 6
    Last Post: 9th January 2007, 08:25 PM
  5. DPS Folder Permissions
    By ajbritton in forum ICT KS3 SATS Tests
    Replies: 2
    Last Post: 18th December 2006, 11:09 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •