On Tue, 2008-07-22 at 15:55 +0100, Tom Brown wrote:
Is there any way i can make /opt world readable and make sure these permissions stick to all subfolders and not allow users other than root/sudo to change them?
Make it a seperate filesystem mounted read-only, then remount it rw when you need to make changes.
i cant as the applications need to log there - i just need 'everyone' to be able to read there - i would have thought i could somehow stick the read permissions but it seems that perhaps not.
The only possibilities I see quickly are using chattr and/or acl lists (seems more promising, but not sure as I didn't take the time to really understand the *implied* results).
$ man -k acl acl (5) - Access Control Lists acl (rpm) - Access control list utilities. chacl (1) - change the access control list of a file or directory getfacl (1) - get file access control lists libacl (rpm) - Dynamic library for access control list support. setfacl (1) - set file access control lists
"man chattr".
A *brief* scan doesn't yield an obvious simple solution though. But as mentioned, there may be some implications that might "git 'er done".
<snip>
HTH