I have been learning Linux for a few days, and now I am at file permissions with sticky bits. I tried the following:

[root@localhost sdcdir]# ll
total 24
drwx------. 2 root root 16384 Mar 21 21:38 lost+found
drwxrws--T. 2 root g1    4096 Mar 23 01:22 testdir

g1 is the group that has Pavan, Sudheer and Surendra as members, and Surendra is the group administrator (i.e. gpasswd -A Surendra).

Now, Pavan creates a file p1 in testdir:

[Pavan@localhost testdir]$ touch f1
[Pavan@localhost testdir]$ ll
total 0
-rw-rw-r--. 1 Pavan g1 0 Mar 23 01:33 f1
[Pavan@localhost testdir]$ 

When I try to delete it with the Surendra account, I get an error:

[Surendra@localhost sdcdir]$ cd testdir/
[Surendra@localhost testdir]$ ll
total 0
-rw-rw-r--. 1 Pavan g1 0 Mar 23 01:33 f1
[Surendra@localhost testdir]$ rm f1
rm: cannot remove `f1': Operation not permitted
[Surendra@localhost testdir]$ 

File f1 has g1 as group owner, yet the file cannot be deleted except by Pavan himself. With setgid, the group is set as the owner, so why can't any member of the group delete the file?

surpavan

1 Answer

I think you are trying to delete f1 in sdcdir (what are its permissions?), not in testdir. That may be your problem. In this case f1 is owned by root and only has write permission set for the owner (root), and a user with uid not 0 will not be able to delete it.

To delete a file, you must have both write and execute permission to its directory.

johnshen64
  • Sorry for the trouble, correcting wrong information: the file f1 is in testdir only – surpavan Mar 22 '12 at 20:29
  • In that case, you still have the issue of having both the execute and write rights in the entire directory chain, not just the parent directory of the file itself. Not sure what you are trying to achieve, but modern Linux supports ACLs, which may be a better alternative based on what you are trying to do, at least on the surface. – johnshen64 Mar 22 '12 at 20:40
  • OK, so a group cannot have control over the entire directory content like a user can have. Did I understand correctly? – surpavan Mar 22 '12 at 20:41
  • You can say that because directory permissions are more complicated than file permissions. – johnshen64 Mar 22 '12 at 23:43
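
Added example, not part of the original question or answer: a Python model of the kernel's check when a file is unlinked, applied to the `drwxrws--T` listing from the question. On a directory with the sticky bit set, only the file's owner, the directory's owner or root may remove an entry, and a refusal is reported as EPERM ("Operation not permitted") rather than EACCES ("Permission denied"). The numeric uid/gid values are constructed, and ACLs, capabilities other than uid 0 and the rest of the path are ignored.

```python
import errno
import stat

def parse_ls_mode(text):
    """Turn an `ls -l` mode string such as 'drwxrws--T.' into permission bits."""
    special = (stat.S_ISUID, stat.S_ISGID, stat.S_ISVTX)
    mode = 0
    for i, ch in enumerate(text[1:10]):
        bit = 0o400 >> i
        if i % 3 == 2:                     # execute slot can also show a special bit
            if ch in "sStT":
                mode |= special[i // 3]
            if ch in "xst":                # lowercase means execute is set as well
                mode |= bit
        elif ch != "-":
            mode |= bit
    return mode

def unlink_errno(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Return 0 if `uid` may remove the entry, else the errno rm would report."""
    if uid == 0:
        return 0                           # root bypasses both checks
    if uid == dir_uid:                     # pick the one class that applies
        rwx = dir_mode >> 6
    elif dir_gid in gids:
        rwx = dir_mode >> 3
    else:
        rwx = dir_mode
    if (rwx & 0o3) != 0o3:                 # need write and search on the directory
        return errno.EACCES
    if (dir_mode & stat.S_ISVTX) and uid not in (file_uid, dir_uid):
        return errno.EPERM                 # sticky bit: file or directory owner only
    return 0

# Constructed numeric ids; the page only gives names.
ROOT, PAVAN, SURENDRA, OUTSIDER, G1 = 0, 1001, 1003, 1004, 2001
TESTDIR = parse_ls_mode("drwxrws--T.")     # testdir from the listing, owned by root:g1

if __name__ == "__main__":
    for name, uid, gids in [("Pavan", PAVAN, {G1}), ("Surendra", SURENDRA, {G1}),
                            ("outsider", OUTSIDER, {3000})]:
        rc = unlink_errno(TESTDIR, ROOT, G1, PAVAN, uid, gids)
        print(name, errno.errorcode.get(rc, "allowed"))
```

Passing the same directory without the sticky bit (`drwxrws---.`) returns 0 for Surendra, since group write and search permission on the directory is then sufficient.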