(I previously posted this on superuser, but I think this question is a better fit for this stackexchange...)
Let's say I have a directory some_dir, and a group some_group with a number of users. I would like that all users in some_group are allowed to:
- Create files and directories inside some_dir;
- Are allowed to read each other's files;
- Are not allowed to change/delete each other's files.
I tried setting this up using group rights, but if I set for example:
chgrp -R some_group some_dir
chmod -R g=rwxs some_dir
Users are allowed to change/delete each other's files, which I don't want. But if I remove the w from the chmod command, then users no longer have the rights to create new directories/files in some_dir...
I'm sure I'm missing something simple, but I can't think of a way to set this up properly with chmod or ACLs?
UPDATE: Based on a previous comment (at superuser), I've been looking into the "sticky bit" option, which (when set), should prevent non-owners from deleting a file (if I understand it correctly). That leads to something like:
chmod -R 3770 some_dir
(https://chmodcommand.com/chmod-3770/), but after running this command, a non-privileged user can still delete files from others.
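The mode bits discussed above, as an added example that is not part of the original post: a shell audit that flags directories missing the sticky or setgid bit and regular files left group-writable (which `chmod -R 3770` produces), followed by a repair pass. The function names are hypothetical, the sample tree is constructed, and Linux semantics are assumed (new subdirectories inherit setgid but not the sticky bit).

```sh
#!/bin/sh
# Added example (Linux semantics assumed); function names are hypothetical.
# Findings are printed one per line as "<CODE> <path>".

audit_shared_dir() {
    dir=$1
    # No sticky bit (01000): anyone with write access to the directory can
    # unlink or rename entries owned by other users.
    find "$dir" -type d ! -perm -1000 -print | sed 's/^/NO_STICKY /'
    # No setgid bit (02000): new entries get the creator's primary group.
    find "$dir" -type d ! -perm -2000 -print | sed 's/^/NO_SETGID /'
    # Group-writable regular file: any group member can change its content,
    # whatever the sticky bit on the parent directory says.
    find "$dir" -type f -perm -020 -print | sed 's/^/GROUP_WRITABLE /'
}

fix_shared_dir() {
    dir=$1
    # Directories: rwx for owner and group, setgid + sticky, nothing for others.
    find "$dir" -type d -exec chmod 3770 {} +
    # Files: keep group read, drop group write and all access for others.
    find "$dir" -type f -exec chmod g-w,o-rwx {} +
}

# Constructed sample tree, built in a temporary directory.
demo=$(mktemp -d)
: > "$demo/alice.txt"
chmod -R 3770 "$demo"   # the recursive command from the question
mkdir "$demo/later"     # created afterwards: the sticky bit is not inherited
echo "before:"; audit_shared_dir "$demo"
fix_shared_dir "$demo"
echo "after:";  audit_shared_dir "$demo"
rm -rf "$demo"
```

The sticky bit never restricts the owner of a directory, who can always remove entries inside it. Files created later follow each user's umask, so the audit is worth re-running to catch drift.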