can't change ownership on files
Rick Stevens
rstevens at vitalstream.com
Fri Apr 22 23:36:04 UTC 2005
Waldher, Travis R wrote:
>>-----Original Message-----
>>From: Rick Stevens [mailto:rstevens at vitalstream.com]
>>Sent: Friday, April 22, 2005 3:40 PM
>>To: Getting started with Red Hat Linux
>>Subject: Re: can't change ownership on files
>>
>>Waldher, Travis R wrote:
>>
>>>>-----Original Message-----
>>>>From: Rick Stevens [mailto:rstevens at vitalstream.com]
>>>>Sent: Friday, April 22, 2005 1:24 PM
>>>>To: Getting started with Red Hat Linux
>>>>Subject: Re: can't change ownership on files
>>>>
>>>>Waldher, Travis R wrote:
>>>>
>>>>
>>>>>[user at host /tmp]$ chown user2 test
>>>>>chown: changing ownership of `test': Operation not permitted
>>>>>[user at host /tmp]$
>>>>>
>>>>>That about sums it up. I need non-root users to be able to change
>>>>>ownership on files.
>>>>
>>>>You defeat the purpose of permissions if you allow anyone to change
>>>>ownership of a file. That's normally reserved for root or the original
>>>>owner of the file, and it's inherent in the "w" part of the permissions.
>>>
>>>Ok, I wasn't clear.
>>>
>>>I as the owner can't change the ownership of my own files:
>>>
>>>[user at host /]$ whoami
>>>user
>>>[user at host /]$ cd /tmp
>>>[user at host /tmp]$ touch test
>>>[user at host /tmp]$ ls -al test
>>>-rw-rw-r-- 1 user unixadm 0 Apr 22 15:20 test
>>>[user at host /tmp]$ chown user2 test
>>>chown: changing ownership of `test': Operation not permitted
>>>[user at host /tmp]$ ls -al test
>>>-rw-rw-r-- 1 user unixadm 0 Apr 22 15:20 test
>>>[user at host /tmp]$
>>>
>>>I should be able to change the ownership of my own files without being
>>>root. Correct?
>>
>>Actually, in Linux, no. Changing owners and groups is restricted to
>>root only. IRIX and Solaris have workarounds, but not in Linux. My
>>mistake.
>>
>>You could permit it in sudo.
>
>
> Ew...
>
> Beyond that there is no hack/tweak I can make?
>
> Sudo would basically open up chown/chgrp for any file on local disk, and
> any filesystem that is mounted with root level access. Correct?

Yup. You still haven't said why they need to chown a file. There is
virtually never a good reason to allow that.

If people need to share a file, make them all part of the same group and
grant rwx group to each file or, alternately, allow the users to join
other groups by putting their usernames in /etc/group or allowing the
"newgrp" command.

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Cuteness can be overcome through sufficient bastardry -
- --Mark 'Kamikaze' Hughes -
----------------------------------------------------------------------
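
The group-based sharing suggested at the end of this message, as an added example that is not part of the original post: shell helpers that hand a directory or file to a shared group without chown or sudo. The function names are hypothetical, and it assumes the caller already belongs to the group (adding users to /etc/group still takes root).

```shell
#!/bin/sh
# Added example: share files through a common group instead of chown.
# Needs no root as long as the caller already belongs to the group.

# in_group GROUP: succeed if the calling user is a member of GROUP.
in_group() {
    for member in $(id -Gn); do
        [ "$member" = "$1" ] && return 0
    done
    return 1
}

# make_shared_dir DIR GROUP: create DIR owned by GROUP with group rwx,
# no access for others, and setgid so new files inherit GROUP.
make_shared_dir() {
    dir=$1 group=$2
    in_group "$group" || { echo "not a member of $group" >&2; return 1; }
    mkdir -p "$dir" || return 1
    chgrp "$group" "$dir" || return 1
    chmod 2770 "$dir"
}

# share_file FILE GROUP: hand an existing file to GROUP with group rw.
# The owner stays the same; only the group and mode change.
share_file() {
    in_group "$2" || { echo "not a member of $2" >&2; return 1; }
    chgrp "$2" "$1" && chmod g+rw,o-rwx "$1"
}

# group_of PATH: print the name of the group that owns PATH.
group_of() {
    ls -ld "$1" | awk '{print $4}'
}
```

Unlike a sudo rule for chown/chgrp, these calls only succeed for groups the caller is already in, so they grant nothing beyond the existing group membership.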