0

I want to remove all write access to files & directories for any user or group while preserving other permissions. Is this possible?

  • Remount read-only? – Stéphane Chazelas Jun 09 '14 at 11:03
  • Would really prefer not to do that! Is there any way wild cards can be used in the user list? – sidewaysglance Jun 09 '14 at 11:10
  • On Linux, you can bind mount a specific directory over itself as read-only (mount --bind dir dir && mount --bind -o remount,ro dir). You can also make all the files owned root:root and chmod -R a-w dir. You can also set the immutable flag which will make the files unwritable regardless of the permissions. – Stéphane Chazelas Jun 09 '14 at 11:14
  • @StéphaneChazelas Read-only bind mounts have come and gone over the years and the distributions… See the comments on http://unix.stackexchange.com/questions/128336/why-doesnt-mount-respect-the-read-only-option-for-bind-mounts and http://unix.stackexchange.com/questions/49800/read-only-access-to-all-files-in-a-specific-sub-folder/49828#49828. Better not recommend them unless you know what distribution and kernel version are in use. – Gilles 'SO- stop being evil' Jun 10 '14 at 00:26

1 Answer

2

If you want to remove write access from everyone, you don't need ACLs: traditional permissions will do.

chmod -R a-w /path/to/directory

Note that users can change back the permissions of the files that they own (this would also apply to anything you do with ACL).

If you wanted to use ACL in order to preserve the traditional permissions of the files, you'd have to list every user of the system, or at least every group.

If the filesystem is ext2/ext3/ext4, you can set the immutable attribute. Only root can change the immutable attribute, and it prevents all writes.

chattr -R +i /path/to/directory

There's a good chance that your problem can be solved by mounting the directory in a private location and exposing a read-only view through bindfs. See read only access to all files in a specific sub-folder

  • Note: you can't create hard links to files with immutable flag. However, you can set immutable flag to already hard linked files (you won't be able to remove or rename any of the linked files). I'm not sure if that behavior is the same in all distributions and file-systems. – lepe Sep 17 '15 at 03:52
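
Added example, not part of the original answer or comments: it runs the answer's chmod -R a-w on a constructed tree, shows that read and execute bits are preserved, audits for leftover write bits, and shows the owner undoing the change as the answer warns. The helper names and the sample tree are assumptions made for illustration; GNU find and stat are assumed.

```shell
#!/bin/sh
# Added example: helper names and the sample tree are constructed for illustration.

# Remove every write bit (user, group, other) below $1.
# Read and execute bits are left exactly as they were.
strip_write() {
    chmod -R a-w -- "$1"
}

# List anything below $1 that still has a write bit set. Symlinks are
# skipped: their own mode is not used for access checks.
# (-perm /222 is GNU find syntax.)
list_writable() {
    find "$1" ! -type l -perm /222 -print
}

# Octal mode of one path (GNU stat).
mode_of() {
    stat -c %a -- "$1"
}

# Undo the change for the owner only: any file owner can do this,
# which is why chmod alone does not bind the owner.
restore_owner_write() {
    chmod -R u+w -- "$1"
}

# Build a constructed tree with mixed modes and print its path.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/data/sub"
    echo report > "$root/data/report.txt"; chmod 664 "$root/data/report.txt"
    echo secret > "$root/data/sub/key";    chmod 600 "$root/data/sub/key"
    printf '#!/bin/sh\n' > "$root/data/run.sh"; chmod 755 "$root/data/run.sh"
    chmod 775 "$root/data/sub"; chmod 755 "$root/data"
    printf '%s\n' "$root/data"
}

# Demo run: modes before, modes after, audit, then clean up.
tree=$(make_sample_tree)
echo "before:"; find "$tree" -exec stat -c '%a %n' {} +
strip_write "$tree"
echo "after:";  find "$tree" -exec stat -c '%a %n' {} +
echo "still writable: $(list_writable "$tree" | wc -l)"
# The directories are now unwritable, so the owner must restore u+w
# before the tree can be deleted.
restore_owner_write "$tree" && rm -rf -- "${tree%/data}"
```

Run as the files' owner, the last step succeeds without root, which is the gap the immutable attribute closes.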