Hello,
i need some help/advice on how to solve a particular problem.
these are the users:
|name | group |
---------- ---------------
|boss | department1 |
|assistant | department1 |
|employee | department1 |
|spy | department2 |
this is the hierarchy of my files:
----------------------------------
| name ( file_perms owner group ) |
----------------------------------
dept1data ( rwxr-x--- boss department1 )
|
|
|-----subdir1( boss department1 rwxr-x--- )
| |
| (jungle)
|
|-----subdir2 ( boss department1 rwxr-x--- )
| |
| (jungle)
|
(many more)
basically only the boss can write or create files, the assistant and the employee can read, the spy has no access.
now i need to give the assistant write permissions on the subdir1 (and all of it's subdirs & files)
should i do this:
$ setfacl -R -m u:assistant:w subdir1
and should i do it everytime a file is created under subdir1?
is there a better solution to my problem?
PS: users access the directory from a windows pc, the samba server is debian 4.0r3 (acl enabled)