From e71c737e517b4ad27102a91897e447c1bab0df0d Mon Sep 17 00:00:00 2001
From: Matthew K Defenderfer <mdefende@uab.edu>
Date: Tue, 22 Oct 2024 15:24:41 -0500
Subject: [PATCH] Remove sticky bit from the root log directory and set SGID
 instead to allow directories and files to inherit group assignment. Assign
 sticky bit to 'raw' subdirectory to further prevent anyone from deleting the
 raw log file

---
 src/run-policy/run-mmpol.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/run-policy/run-mmpol.sh b/src/run-policy/run-mmpol.sh
index b20175e..77c21c0 100755
--- a/src/run-policy/run-mmpol.sh
+++ b/src/run-policy/run-mmpol.sh
@@ -127,7 +127,7 @@ if [[ ! ${dry_run} ]]; then
     log_dir="${outdir}/${log_name}"
 
     mkdir -p ${log_dir}/raw
-    chmod 1770 ${log_dir}
+    chmod 2770 ${log_dir}
 
     # tag output file with run metadata
     raw_log_file=$(find ${outdir} -maxdepth 1 -name "list-${SLURM_JOBID}*" -type f | head -1)
@@ -136,7 +136,7 @@ if [[ ! ${dry_run} ]]; then
         gzip ${log_dir}/raw/${log_name}
 
         chmod 440 ${log_dir}/raw/${log_name}.gz
-        chmod 550 ${log_dir}/raw
+        chmod 1550 ${log_dir}/raw
     fi
 
     chown -R ${USER}:atlab ${log_dir}
-- 
GitLab