I have a release area that I (not a super user) manage. Nominally the privileges are 444 (Only read access for myself, group, and everyone). I don't want myself or a group to nominally have write access.
When I do a new release I need to allow myself to add to the directory (chmod 644 my_dir). When I'm done, I change it back. (chmod 444 my_dir)
This works fine except when I'm gone or get hit by a bus. What I'd like is group that could do this (e.g. tool_admins). However, if something has 444 privileges, only I, the owner of the directory, am allowed to change the privileges.
Is there any way to do this? The only way I could think of is for everyone to have a separate 'tool_admin' user that they could log into only when they are doing admin things. (e.g. nanotek_tool_admin) and the privileges be 774 nominally. But that seems ridiculous.
