This may be an odd question but: Is there any way of adding read, write and execute permissions for specific users and/or groups, for a few files, without changing the listed owner/group permissions?
I'm running on Ubuntu 10.10, using bash to install a group of programs. These include Apache2, PHP5. The agent doing the initial installation is root. The agent which ships the code onto the machine is non-root (let's call it "cap"). Root has access of course to /var, /etc and so on. Cap does not. However, Cap is the one which needs to startup and shutdown Apache, place the web application in /var/www, and so on.
Ops are wary of changing group permissions using chmod or chown. E.g. they do not want to see the example below:
-rw-r--r-- 1 root root 3784 2013-03-29 15:45 file
Changing to:
-rw-r--r-- 1 cap non-root 3784 2013-03-29 15:45 file
The only alternative I can see is ACL which seems to have finer grained control of who is allowed to rwx which files. But it seems to need you to remount the partition, which ops will disapprove of.
Can this be achieved?