MacOS – Using ACL to allow users to add files but not subdirectories in a folder

aclmacospermission

I am on Mac OS Lion and wants to prevent users from creating sub directories inside a folder but at the same time users should be able to add files to the same directory

The following command does not allow user to add files to the folder

chmod +a "user allow add_file" test

What should I do to allow users to add files and not sub directories?

here are links to

Screen Shot 1

Screen Shot 2

Best Answer

EDIT: The following is a partial solution. It will work at the shell level as expected but in Finder it can be bypassed with the if user is admin or knows the a admin user id & password. See comments below...

Check the man page on chmod and you will find...

 The following permissions are applicable to directories:
       list    List entries.
       search  Look up files by name.
       add_file
               Add a file.
       add_subdirectory
               Add a subdirectory.
       delete_child
               Delete a contained object.  See the file delete permission
               above.

So the command you are looking for is...

$ chmod +a "staff deny add_subdirectory" test

to forbid anyone in group staff from creating sub folder and then testing should give you

$ mkdir test/subtest
mkdir: test/subtest: Permission denied

Where as creating a file...

$ touch test/blah.txt
$

is no problem. You should also find that Finder will have the Create Folder option disabled as well.

HTH

Best Answer

Related Solutions

MacOS – OS X (Mavericks) file sharing: Can only see contents of shared folder, not open files

MacOS – Mavericks: User no longer owner of Home folder and content

Related Question