On Tue, 2008-07-22 at 15:55 +0100, Tom Brown wrote: > >> Is there any way i can make /opt world readable and make sure these > >> permissions stick to all subfolders and not allow users other than > >> root/sudo to change them? > >> > > > > Make it a seperate filesystem mounted read-only, then remount it rw when > > you need to make changes. > > > > i cant as the applications need to log there - i just need 'everyone' to > be able to read there - i would have thought i could somehow stick the > read permissions but it seems that perhaps not. The only possibilities I see quickly are using chattr and/or acl lists (seems more promising, but not sure as I didn't take the time to really understand the *implied* results). $ man -k acl acl (5) - Access Control Lists acl (rpm) - Access control list utilities. chacl (1) - change the access control list of a file or directory getfacl (1) - get file access control lists libacl (rpm) - Dynamic library for access control list support. setfacl (1) - set file access control lists "man chattr". A *brief* scan doesn't yield an obvious simple solution though. But as mentioned, there may be some implications that might "git 'er done". > <snip> HTH -- Bill