I have created a directory named demo and gave read, write and execute to a user named demoUser.
What I want is the user to be able to read, write and execute the files of the demo directory, but not be able to delete any of the files. Is that possible?
I tried a technique in which I created 3 Groups: reader, editor and admin. I gave read permission to the reader group and edit permission to the editor group using:
setfacl OPTION X:NAME:Y /DIRECTORYNow I added demoUser to the editor group. The user can read, write and execute files, but they can also delete files.
Is there any way in which demoUser would not able to delete files?