Hi, I have to solve an apparently simple permission problem, and I don't know if it's the sunny weather or birdsong, well... I just can't figure it out. Here goes. I have a bunch of users in a public library. Some are "administrators": they handle the library, write the docs for everyone, etc. Then you have the "agents", who take care of lending books and fetch them when they get returned. And then you have the odd anonymous user, using the PC with a guest account. Let's make thing simple and start out with one machine. Every single user has a /home/<user> directory. Plus, I added the following directories: /home/pub and /home/echange Then, I created two groups, "administrators" and "agents". Here's what I'd like to achieve (but I think my IQ is just below the required limit :oD): 1) Members of the "administrators" group have unlimited read/write access to /home/pub and below. 2) Members of the "agents" group have read-only access to /home/pub and below. 3) All the others (that is, members of neither "administrators" and "agents") have no access at all to /home/pub, not even for listing the directory content. The thing is: I can't seem to formulate my problem in terms of user/group/others, as there are no owners, but two distinct groups involved. Any idea how to crack that nut? Niki