| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-2.5 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS |
| X-Spam-Check-By: | sourceware.org |
| Message-ID: | <4AE08085.5060903@cygwin.com> |
| Date: | Thu, 22 Oct 2009 11:55:49 -0400 |
| From: | "Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com> |
| Reply-To: | cygwin AT cygwin DOT com |
| User-Agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.21) Gecko/20090320 Remi/2.0.0.21-1.fc8.remi Lightning/0.9 Thunderbird/2.0.0.21 Mnenhy/0.7.5.0 |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: How to deny directory-access for one dedicated user |
| References: | <hb2bil$o3s$1 AT ger DOT gmane DOT org> <416096c60910131027g3df5021ei9b15ab5067353ce0 AT mail DOT gmail DOT com> <4AD4D5FB DOT 4000906 AT gmail DOT com> <hbcd9m$l73$1 AT ger DOT gmane DOT org> <4AD9EB0E DOT 80601 AT gmail DOT com> |
| In-Reply-To: | <4AD9EB0E.80601@gmail.com> |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
On 10/17/2009 12:04 PM, Dave Korn wrote: > Matthias Meyer wrote: > >> How to solve my goal? >> The user "backup" should backup all data but not certain directories. > > It cannot be done. Your two requirements amount to: > > 1- I want the backup user to be able to access all files and directories > without restriction. > 2- I want the backup user to be restricted from accessing certain files and > directories. > > As a matter of plain logic, these requirements just cannot both be satisfied > simultaneously in the same universe! There is no means to give the backup > user privileges to access only-some-but-not-all of the files that the ACLs say > it should not have access to, because it would essentially require an entire > second level of ACLs on every file in the system to keep track of which files > the backup privilege gave access to and which files it did not. One point that hasn't been made so far (that I could see) was that while the backup user has access to the entire file system, it is not required that you backup the entire file system if you don't want to. You can always exclude the directories you don't want from your backup operation. This can be done through exclusion lists rather than relying on access permissions. Different functionality for sure bu it will achieve the same end. -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 216 Dalton Rd. (508) 893-9889 - FAX Holliston, MA 01746 _____________________________________________________________________ A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting annoying in email? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |