LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-23-2007, 08:32 AM   #1
akuma_linux
Member
 
Registered: Aug 2006
Distribution: Ubuntu, CentOS
Posts: 31

Rep: Reputation: 15
chmod / setuid


Hello,

General enquirey please -

i have a folder /root/testdir/ with permissions set as :

Code:
drwxr-xr-x 2 root root 4096 2007-10-23 12:50 test/
if i want only the user 'testuser' to have read/write/execute permissions on this directory what command would i use?

Thankyou in advance.
 
Old 10-23-2007, 08:52 AM   #2
Dinithion
Member
 
Registered: Oct 2007
Location: Norway
Distribution: Slackware 14.1
Posts: 446

Rep: Reputation: 59
Well, first, to access that folder, testuser would need to be a root user to access /root. Since everybody who can access /root is a member of root, you can't block someone out of /root/testdir. I don't know what your up to, learning or actually block everyone but testuser out of one folder. Notice that root and other members of the root-group always will have access to everything, so as long as this folder is in /root/ you will not be able to test it out properly. And to clear things up. You can't stop root from accessing things.

So, if learning is what you want, I suggest to move the directory to /tmp or /home or some other place.

Anyhow you can achieve to block everyone but testuser out of a directory like this:
chown testuser testdir
group to something, ie testgroup (Actually optional, but it's nice to do it)
chgrp testgroup /root/testdir
This could be done in one command
chown testuser.testgroup /root/testdir
Make sure testgroup exist.

Then change the modes:
chmod u=rwx,og= /root/testdir
That will set rwx for user (testuser) and nothing to the group and others.

Last edited by Dinithion; 10-23-2007 at 08:54 AM. Reason: Typos
 
Old 10-23-2007, 09:20 AM   #3
akuma_linux
Member
 
Registered: Aug 2006
Distribution: Ubuntu, CentOS
Posts: 31

Original Poster
Rep: Reputation: 15
Hello,

Thanks for the reply, very much appreciated. However, i feel i should revise my original question. (p.s. i am trying to learn and not cause any malicious damage to a system, so my appologies for using /root/testdir as an example).

What i would like to know is this :

If i have any folder at all, e.g. /test/testdir and the permissions are set to :

Code:
drwxr-xr-x 2 cmc cmc 4096 2007-10-23 14:12 testdir
How would i allow read/write/execute access to this folder to only one other user? For example, with the folder above, the users root and cmc have access just now, however i wish for another user called 'testuser' to have read/wrte/execute permission on this folder also, so that only the users root, cmc and testuser have read/write/execute access to this folder, and no other users can write to it. If possible, i would like to avoid changing the owner or the group of the folder /test/testdir/

Thankyou in advance.
 
Old 10-23-2007, 09:45 AM   #4
Dinithion
Member
 
Registered: Oct 2007
Location: Norway
Distribution: Slackware 14.1
Posts: 446

Rep: Reputation: 59
Well, thats the deal with *nix filesystem. They have a really straightforward policy. Either your owner, in the group or your someone else. So in this case, you have some solutions, but none like you are seeking.

1. You could have to create a group, and put cmc and testuser in to this group and change the group of the folder. (What you didn't want but it works).
Pros: Can be extended with more people to access file.
Cons: You have to change the group.

2. If you have one group for each user (It looks like you have), you can change the group to testuser.
Pros: You achieve what you want
Cons: You have to change the group.

3. Start using ACL. This is somewhat the same as the one you find in Windows. You can add more users with read/write permissions, without changing the owner, add groups with read/write, and do a lot of funky stuff. This should cover your needs.
Pros: You achieve exactly what you want. Its flexible, and ideal for fileservers, nfs, multiusercomputers sambashares etc.
Cons: You have to install software and enable ACL in the kernel (If it's not already activated). It's a bit more confusing then the traditional rwx, but its toppers when you first get it. Another con that I'm not sure of is the security of this system. I can't see any real danger or flaws, but who knows?
 
Old 10-23-2007, 09:52 AM   #5
akuma_linux
Member
 
Registered: Aug 2006
Distribution: Ubuntu, CentOS
Posts: 31

Original Poster
Rep: Reputation: 15
Dinithion thanks very much for all the help and advice, i really appreciate it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
chmod 775 to only the directories and chmod 664 to only the files? apachenew Linux - Security 6 09-27-2007 04:26 PM
chmod, external usb, vfat - can't chmod a directory itsjustme Slackware 2 04-02-2006 05:23 PM
What can we do if we type chmod ugo-x /bin/chmod ?????? bunny123 Linux - Software 3 02-01-2005 09:53 PM
CHMOD in shell : chmod 777 /usr/ <---is that right? cpanelskindepot Programming 5 07-16-2004 06:37 AM
setuid Help devinWhalen Linux - General 2 12-03-2003 10:57 AM


All times are GMT -5. The time now is 06:42 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration