can't change ownership on files

Rick Stevens rstevens at vitalstream.com
Fri Apr 22 23:36:04 UTC 2005


Waldher, Travis R wrote:
>>-----Original Message-----
>>From: Rick Stevens [mailto:rstevens at vitalstream.com]
>>Sent: Friday, April 22, 2005 3:40 PM
>>To: Getting started with Red Hat Linux
>>Subject: Re: can't change ownership on files
>>
>>Waldher, Travis R wrote:
>>
>>>>-----Original Message-----
>>>>From: Rick Stevens [mailto:rstevens at vitalstream.com]
>>>>Sent: Friday, April 22, 2005 1:24 PM
>>>>To: Getting started with Red Hat Linux
>>>>Subject: Re: can't change ownership on files
>>>>
>>>>Waldher, Travis R wrote:
>>>>
>>>>
>>>>>[user@host /tmp]$ chown user2 test
>>>>>chown: changing ownership of `test': Operation not permitted
>>>>>[user@host /tmp]$
>>>>>
>>>>>That about sums it up.  I need non-root users to be able to change
>>>>>ownership on files.
>>>>
>>>>You defeat the purpose of permissions if you allow anyone to change
>>>>ownership of a file.  That's normally reserved for root or the original
>>>>owner of the file, and it's inherent in the "w" part of the permissions.
>>>
>>>Ok, I wasn't clear.
>>>
>>>I as the owner can't change the ownership of my own files:
>>>
>>>[user@host /]$ whoami
>>>user
>>>[user@host /]$ cd /tmp
>>>[user@host /tmp]$ touch test
>>>[user@host /tmp]$ ls -al test
>>>-rw-rw-r--    1 user  unixadm         0 Apr 22 15:20 test
>>>[user@host /tmp]$ chown user2 test
>>>chown: changing ownership of `test': Operation not permitted
>>>[user@host /tmp]$ ls -al test
>>>-rw-rw-r--    1 user  unixadm         0 Apr 22 15:20 test
>>>[user@host /tmp]$
>>>
>>>I should be able to change the ownership of my own files without being
>>>root.  Correct?
>>
>>Actually, in Linux, no.  Changing owners and groups is restricted to
>>root only.  IRIX and Solaris have workarounds, but not in Linux.  My
>>mistake.
>>
>>You could permit it in sudo.
> 
> 
> Ew... 
> 
> Beyond that there is no hack/tweak I can make?
> 
> Sudo would basically open up chown/chgrp for any file on local disk, and
> any filesystem that is mounted with root level access.  Correct?

Yup.  You still haven't said why they need to chown a file.  There is
virtually never a good reason to allow that.

If people need to share a file, make them all part of the same group and
grant rwx group to each file or, alternately, allow the users to join
other groups by putting their usernames in /etc/group or allowing the 
"newgrp" command.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-      Cuteness can be overcome through sufficient bastardry         -
-                                         --Mark 'Kamikaze' Hughes   -
----------------------------------------------------------------------
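
The group-sharing setup suggested above, as an added example that is not part of the original message. It goes one step beyond the reply by setting the setgid bit on a shared directory, so files created there pick up the shared group without any chown or sudo. The function names are hypothetical, GNU `stat` is assumed, and the caller is assumed to already be a member of the group (for instance via /etc/group).

```shell
#!/bin/sh
# Share files through a common group instead of handing out chown.
# Assumption: an administrator has already added every participating
# user to the shared group; nothing here needs root.

# make_shared_dir DIR GROUP
#   GROUP may be a group name or a numeric GID.
#   Creates DIR, assigns it to GROUP and sets the setgid bit so that
#   files created inside inherit GROUP rather than the creator's
#   primary group.
make_shared_dir() {
    dir=$1
    group=$2
    mkdir -p -- "$dir" || return 1
    # For a non-root caller this only succeeds when the caller owns DIR
    # and is a member of GROUP; otherwise chgrp reports
    # "Operation not permitted" and we stop here.
    chgrp -- "$group" "$dir" || return 1
    # 2770 = setgid + rwx for owner and group, no access for others.
    chmod 2770 -- "$dir" || return 1
}

# create_shared_file PATH
#   Creates PATH (without truncating an existing file) so that it is
#   group readable and writable whatever the caller's login umask is.
#   The subshell keeps the umask change from leaking to the caller.
create_shared_file() {
    ( umask 007 && : >> "$1" )
}

# shared_file_summary PATH
#   Prints "<numeric gid> <octal mode>" for PATH, which is enough to
#   confirm the group was inherited and others have no access.
shared_file_summary() {
    stat -c '%g %a' -- "$1"
}
```
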



