LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 04-23-2005, 11:50 AM   #1
ataraktos2
LQ Newbie
 
Registered: Apr 2005
Posts: 7

Rep: Reputation: 0
reset pwd to root's current pwd?


So, I have a directory owned by root, with execute permission for root only. Everything inside this directory is owned by a regular user, with appropriate permissions.

The root directory is only to control access to the stuff inside it. So I have to su as root to cd into the directory.

Then I'd like to be able to switch back to being a regular user, so I wouldn't be running stuff as root, and so I could connect to my X session.

As root, I'd like to cd into the directory and ctrl-d to return to my regular account *but* have my regular account's pwd now be the same as root's pwd (inside that directory). In other words, I'd like root to be able to drag my regular user account with it, when root goes into the directory.

Of course, though, when I ctrl-d I go back to where I was (outside the directory).

I'm sure there's a way to do this - any advice? (Or a better way to accomplish the same thing? I leave my computer on and logged in all the time, but would like to have some bit of "private space" that's relatively easy to for me to access.)

Thanks.
 
Old 04-23-2005, 11:55 AM   #2
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 197Reputation: 197
I think your making this approach harder than it really is. If this directory is to contain files and directories owned by a user but the directory that holds all of this data is owned and only readable by root, why go thru all that trouble. Having the directory readable only by root does not increase your security.

You know you can have this directory owned by the user and only that user can cd into it, its the same way home directories are created initially.

And stop using su to become root, if your wanting better security, setup and use sudo instead.

But you should really take the more logical approach to file ownership and sharing, etc. Your definitely taking the scenic route approach to placing files owned by a user in a directory only readable by root..
 
Old 04-23-2005, 12:14 PM   #3
ataraktos2
LQ Newbie
 
Registered: Apr 2005
Posts: 7

Original Poster
Rep: Reputation: 0
I just want a directory that someone sitting at my own computer (which stays on and logged in all the time) can't cd into as the regular (logged in) user. But *I'd* like to be able cd into it, and then switch back to my normal user account.

How else could I accomplish this, while leaving my computer logged in as a regular user? We use the computer all the time, but frequently, for just a few minutes to reply to email, look something up online, etc. Logging in/out all the time would be too inconvenient for a lot of what we do.
 
Old 04-23-2005, 12:22 PM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
If the directory is owned by you, and the group owner is you. Then you don't need to su to root to enter it. Make sure the the permissions on the directory for 'other' is masked out. This includes the 'x' bit on the directory. If the 'x' bit isn't set, a regular user will not be able to list the contents or cd into the directory.

Something a little bit like what you are talking about is setting up sudo so that you enter your own password rather than the root password. This is how Mandrake sets up the sudoers file by default. This way, certain root commands can be allowed to run by certain users ( using sudo ) without having to hand out the root password.
 
Old 04-23-2005, 12:39 PM   #5
ataraktos2
LQ Newbie
 
Registered: Apr 2005
Posts: 7

Original Poster
Rep: Reputation: 0
Okay, I'm not making myself clear ...

My regular user account is logged in, all the time.

Whoever uses my computer (which is logged in under my regular account all the time) can access everything that my regular user account owns.

This is what I don't want.

I want one directory that only I (personally, not whoever is using my account) can enter. I was doing this by su'ing to root, to enter a root-owned directory. But then, I have to remain root while in the directory, I can't connect to X session, etc.

I want to be able to go back to being regular user, but remain in the root-owned directory.
 
Old 04-23-2005, 12:56 PM   #6
setenv02
Member
 
Registered: Apr 2005
Location: Chicago,IL
Distribution: redhat 9
Posts: 32

Rep: Reputation: 15
use sudo

change the /etc/sudoers to the privileges of what you want for that user.
 
Old 04-25-2005, 01:08 AM   #7
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
I believe that the other users can read your files because you all use the default group users. Create a group by the same name as your user name and make that your default group. Also use the chgrp command and change the group ownership of your home directory to that new group. Make sure to clear the other and group permissions on your home directory.

chmod go-rwx ~username

If only the owner of a directory has the 'x' permissions set, all other regular users will not be able to even enter your home directory.

Also, log out when you are done, and give the other users there own home directories.
You can even have them use the same home directory if you want. Or set up a guest account.

Last edited by jschiwal; 04-25-2005 at 01:10 AM.
 
Old 04-25-2005, 10:32 AM   #8
LinuxDave
LQ Newbie
 
Registered: Dec 2004
Posts: 21

Rep: Reputation: 15
You can't "remain in the root-owned directory" as a regular user; you'll only get permission denied errors. That's the way Linux ownership works; if a directory is readable only by root, then it is readable only by root.

If your main concern is the ability to open X sessions from the files in the root-only directory, this can be done. Look into xhost or xauthority.

The easiest way is to run "xhost +localhost" as yourself. Then root will be able to open new windows. (Make sure DISPLAY is set properly for root).

LinuxDave

Quote:
Originally posted by ataraktos2
Okay, I'm not making myself clear ...

My regular user account is logged in, all the time.

Whoever uses my computer (which is logged in under my regular account all the time) can access everything that my regular user account owns.

This is what I don't want.

I want one directory that only I (personally, not whoever is using my account) can enter. I was doing this by su'ing to root, to enter a root-owned directory. But then, I have to remain root while in the directory, I can't connect to X session, etc.

I want to be able to go back to being regular user, but remain in the root-owned directory.
 
Old 04-25-2005, 01:49 PM   #9
bigrigdriver
LQ Addict
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian Squeeze
Posts: 5,770

Rep: Reputation: 308Reputation: 308Reputation: 308Reputation: 308
A side note: if you want root to also have X session graphics, before you su to root, issue the command 'xhost +localhost', then su to root, and root also has graphics. To remove that, just 'xhost -localhost', and you're back to only the logged in user having graphics.
 
Old 04-25-2005, 08:47 PM   #10
ataraktos2
LQ Newbie
 
Registered: Apr 2005
Posts: 7

Original Poster
Rep: Reputation: 0
thanks!

Thanks for the xhost +/- localhost, that's what I needed for graphics as root/another user.

Not using the default group users, everything's owned by me:me (except the one folder I was trying to give x permission to root only). The other users can read my files because my computer is always logged in as me, so whoever is sitting at the keyboard is "me" ... it's convenient that way, without logging in/logging out just to look up a recipe or tv guide or check email. (startx just takes too long for me, but 90% of that is because I'm impatient! =)

I guess that does make sense, about the permission errors, as if what I were describing were possible (su / cd root dir / ctrl-d but "stay put" in root's dir), it would be really difficult to tell the difference between that and just cd'ing in, as non-root.

Thanks again.
 
Old 04-26-2005, 04:13 AM   #11
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Look for the script /usr/X11R6/bin/sux. If you have it, it does the same thing.

Usage: sux [-c command] [-s shell] [-|-l] [[user] args]
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
changed pwd tekmorph Linux - Security 5 09-15-2004 09:47 PM
PWD question : Current dir not full path facets Programming 2 06-09-2004 04:58 AM
pwd problem naren Programming 1 04-01-2004 04:52 AM
pwd and the directory above sneezesnoeze Linux - Newbie 3 03-26-2004 07:18 AM
pwd Penguin666 Linux - General 1 11-19-2003 07:54 PM


All times are GMT -5. The time now is 08:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration