Hi there
here is interesting problem scenario.Before mentioning it , I have searched first over the internet about the solution but somehow I was not locate it or find it.
Scenario:
OS:CentOS
There is directory named "data" with permission
now whenever a user from the group FH access any one of directory and creates a file that file bears ownership and groupownership of that user .

Expected Help: Is it possible to let users create the directory or files but only user "yat" can delete them.

suppose other users are geller ross joe from group FH , who have privileges. whenever these users create file or dir , they should not able delete it.

BottomLine: Group users should create file but should not be able to delete them.

By the way using sgid bit didnt help .
Any help or suggetion is appreciated, if any error or mistake you notice please notify and forgive.

I don't think there is a way of doing this unfortunately. The permission for creating a file and deleting a file is the same (w), so I don't think you can allow the same user to create files without allowing him to remove them.

If user create files it will become owner of that file/dir and owner of file has right to modify or delete file.

It is not possible to set this permission like user can create file but not delete own file.

Regards,

prolly u can try sticky bit options...

u can also refer to this link.
http://en.wikipedia.org/wiki/Sticky_bit

Hi,

one possibility would be to use incrond. to monitor that directory and change the permissions after file creation accordingly. However, the user would then not be able to write to that file either. I am not sure, if it is possible to configure incrond to discriminate between the 'rm' command and any other command that tries to gain write access to that file.
So check the man pages of incrond thoroughly.

http://linux.die.net/man/8/incrond

[EDIT]
Please clarify if the user who created the file needs to be able to modify it afterwards. There *might* be some ugly solution for your problem.

There are far more ways to delete files. You can make a simple Perl script to delete a file.

try stickybit ; setfacl ; setuid and setgid

Hi,

see the [EDIT] of my post.
Emphasis is on 'might' and 'ugly'.
I am not sure IF it is possible to achieve this in a robust, 100% reliable manner. However, I can think of some possibilities which *might* work. Before I explore them any further, I need some feedback from the OP. Maybe the OP just expressed himself unclear and simply setting the sticky bit would suffice for his purposes. Maybe it is sufficient for the OP to just keep the users from deleting/accessing each others files.

Well I tried to use sticky bit however when a user creates a file he owns that file and sticky bit allows to delete that file by only owner of that file or superuser.
hence sticky bit is out of league .

Well thats what i thought ur original query was, only owner should be able to delete the file.....

Thanks for reply and your time .
Well, the question or expected help is like this :
members of group FH can create the files but they should not own them i.e.whatever they create should be owned by User "YAT" in this case, and group of that file should be "FH".
Is it possible. Well unintelligent way is to change the permission of those file every time users create anything in it. which is unimaginable.Thus Is there any other way to tackle this issue ??

well then its no i would say, because

if members of FH are creating the file to be owned by YAT thats illogical coz when some1 crates a file then he/she has to be an owner of the file(creater of file is the owner no other option.)..thats the only option.

the only option is "chown" after the file is created...infact thats tthe only option.

It would be good if you could explain at a little higher level what you are trying to achieve and why; there may(!) be a better soln.
In the mean time, have a look at inotify: http://linux.die.net/man/7/inotify http://en.wikipedia.org/wiki/Inotify

Yes, have a look at incrond as I already stated. Properly configured this daemon will handle file creation and changing owner to "YAT".
Having no idea and still judging things as unintelligent does not seem smart either ...
The daemon will automatically take care of changing file permissions accordingly, however, you still haven't provided any info if after file creation the users will still need to access the file for writing.
I am getting the impression that you do not read the suggestions provided very carefully.

I'm working on incrond ,"Nobody cares what you think and what impressions you get. In plain and simple English "MIND YOUR OWN BUSINESS AND STOP MAKING ANY PERSONAL COMMENT. MAKING ANY SUCH DOES NOT INTELLIGENT EITHER
If person is willing to help it has be without any fuss.Thanks for reply