Hi,
We have 2 users and one directory (dir). One user is admin user and other use r is operator user. who is responsible for just executing the scripts e.g. startWeblogic and stopWeblogic etc, we want to restrict this operator user in such a way that he can only execute these files and he should NOT be able to delete or change these files but he should be able to VIEW these files
I want that one user (user1)
1) should be able to run/execute any script/file
2) should NOT be able to delete these files
3) should NOT able to change these files
4) should be able to write a new file in directory as when user is executing the script then it creates log file so it is required else script will fail
5) should be able to view the files
I tried like this
created a directory with user2(admin) with all files
1) chmod -R 775 <dir>
2) cd <dir>
3) find . -type f | xargs chmod 755
Now my user1 who is in same group as user2 is able to do the following
1) able to run/execute any script/file
2) able to delete these files [he is able to delete files
]
3) NOT able to change these files
4) able to write a new file in directory as when user is executing the script then it creates log file
5) able to view the files
my only worry is step 2, i dont want this user to delete these files but when i give 755 permision then he is able to delete if i give some other permission then he is not able to execute scripts.
Please let me know what is the best way and how can we achieve it
Thanks
Rel