Thanks Danny.
I've got ACL setup on the common directory already and it works for most things. Just looking through my notes as it's an old problem, but it seems one area which the ACL doesn't work is if a staff member creates a file somewhere else then moves that file into the directory. In this situation the file permissions are kept the same and other staff cannot write changes to that file. Currently to get around this I to a 'chmod' & 'chgrp' every 5minutes on a huge directory, which creates a lot of unnecessary IO and it's a dodgy work around.
Looks like this guy is having the same problem, but the answer with the linux-acl-observer is now a broken link and no code there.
I'm wondering if this is a bug/lack of feature in ACL itself and something that should be addressed there. Maybe an extra flag to force new files which are moved into the directory to also follow suit and apply the default group and permissions.
I've also used the g+s on chmod but that also only works for files created within that directory.
I've tried using file watchers such as rb-inotify and running a script that watches for any activity in that directory and setting the user, group and permissions, but some programs I noticed will create the file, trigger the inotify, then change the permissions within the app after the file has been created, hence bypassing my override.
from
Mick