Date: Mon, 26 May 2008 09:03:29 -0700 From: Chuck Swiger <cswiger@mac.com> To: Grant Peel <gpeel@thenetnow.com> Cc: freebsd-questions@freebsd.org Subject: Re: Required Directories Message-ID: <369C3C67-9A6F-419A-AA25-FA62D8FD3425@mac.com> In-Reply-To: <2EEC06F1F9B24B31B15CE1DCD095A7C1@GRANT> References: <2EEC06F1F9B24B31B15CE1DCD095A7C1@GRANT>
next in thread | previous in thread | raw e-mail | index | archive | help
On May 26, 2008, at 7:30 AM, Grant Peel wrote: > I have several servers that the users home directories contain > directories that must exists in order for apache and mail to work > correctly. > [ ... ] > Is there a way (by using either proftpd, or setting sticky bit, or > setting the uimmutable flag), that I can prevent the users from > deleting these directories, and still retain the ability for my > (root run) scripts to have the ability to delete them? I think that if you make the directories immutable, the users won't be able to create new files under them. Using root-owned directories which have 1777 permissions would be workable, except that other users could create files under someone else's homedir, also. It's generally not expected that users would not own the stuff under their homedir, or would not be able to delete their files if they want to, even if doing so would break something. Normally, sysadmins code their scripts to re-create any missing directory hierarchy if needed, so that if a user manages to shoot themselves in the foot, the cron jobs will be able to provide first aid. Regards, -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?369C3C67-9A6F-419A-AA25-FA62D8FD3425>