CLI How to change folder access permission for particular user

sfkong · 07-17-2008, 05:23 AM

What command exactly should i type to give only a particular user on linux to have read/write access to the /var folder?

Here's the Scenario:

List of user on linux system:
root
UserA
UserB

I only want to give UserA the ability to create new folders in the /var and /usr folder. UserA will be able to create new folder (e.g. called 'SHAREFILES'), and save/del/manipulate the files in folder 'SHAREFILES'.

Access permission to /var and /usr for UserB remain unchange, UserB cannot write or make changes to /var and /usr.

------------------------------------------------------------
NOTE: you'll probably ask me why i want to access /var and /usr folder. it's because the way the system was configured/partition/mounted, /var and /usr folder have been allocated plenty of disk space available, which will not be used. And /home folder is currently running out of space, so it is just a temporary unconventional way to have extra space to save files, as re-allocation of the free disk space is a bit complicated or maybe require reinstallation. I don't want to touch it as i am afraid of screwing up the system

.

Thanks in advance.

Wim Sturkenboom · 07-17-2008, 05:36 AM

The root user can create a subdir in /var (e.g. wim_files) and set the permissions for the subdirectory so that a specific group (wim) can read, write and execute. You might have to create the group and make wim a member of it (might already be the case if your distro creates a group for each user) and you should be there.

Code:

wim@webserver:~$ ls -ld /var/wim_files
drwxrwx--- 3 root wim 4096 2008-07-17 12:32 /var/wim_files/
wim@webserver:~$ cd /var/wim_files/
wim@webserver:/var/wim_files$ ls -l
total 4
-rw-r--r-- 1 wim wim    0 2008-07-17 12:30 abc.txt
drwxr-xr-x 2 wim wim 4096 2008-07-17 12:32 def/
wim@webserver:/var/wim_files$

sfkong · 07-17-2008, 09:25 PM

Would it be the same if i use 'chown' command?

Say i login as Root, then create a subdir in /var (e.g. UserA_Files), then use the following command:

Code:

chown -R UserA:UserA /var/UserA_Files

Is this OK and work the same?

Wim Sturkenboom · 07-17-2008, 11:02 PM

In my opinion /var belongs to root and therefore I would use the chgrp command.
As you can see from the codeblock that I gave, anything under /var/wim_files 'automatically' belongs to wim.

At this moment I don't see a need for the -R option unless you already have files and directories in there.

It's your system, so try it.

Mr. C. · 07-17-2008, 11:48 PM

Let me be a little stronger in making a point. Do not change system file and directory permissions, without knowing very well what you are doing. They have been established over a very long time, by many people. If you think you need to change them, you are almost assuredly taking the wrong approach, and might as well throw security, permissions, and ownership out the window.

What problem are you actually trying to solve?

sfkong · 07-18-2008, 12:44 AM

Ok. Thanks. Finally worked it out. Here's a report if it helps anyone else.

I use Fedora 8.

I login to root, mkdir new folder, then chgrp to the group i wanted. But it still didn't allow me to write to the folder, probably cos the owner is still root. Then i tried also chown UserA as well. And now finally I can write to the folder.

Thanks.
-------------------
EDIT:

Hi. Mr. C, Sorry Missed your post.

Yeah, that was what i was afraid that i would mess up the system.

What i wanted to do is to create a folder in /var and /usr, which is own by UserA, where only UserA have write access to it, so UserA can temporary use it to store some files, as /home is outta disk space, but there's plenty of diskspace in /var and /usr, because of the way they are mounted.

faheem anwar · 07-18-2008, 01:25 AM

what is the
CREATE MODE
DIRECTORY MODE
AND
CHMOD

Mr. C. · 07-18-2008, 01:38 AM

Let me suggest that you create a subdirectory, in each of /var/ and /usr as you need. Inside those directories, create directories for each user that requires additional storage.

mkdir /var/space1/joe
mkdir /usr/space2/sam

and

chown joe:joesgroup /var/space1/joe
chown sam:samsgroup /usr/space2/sam
chmod 700 {usr,var}/space[12]/{joe,sam}

This gives joe and sam the ability to do what they please inside the directories, but not affect anything directly in /usr and /var, and you don't pollute /usr and /var with more directories should you need additional per-user storage. You can create symlinks in each user's home that points to the space for that user as an aid.

ln -s /var/space1/joe ~joe/space
ln -s /usr/space2/sam ~sam/space

One technique when a home file system is full is to actually move the user's home directory to a file system with more space, and then just create a symlink in /home to the new location:

FranDango · 07-18-2008, 06:27 AM

I would add as root a new directory in either /usr (preferably) or /var and name it 'home2' or something like that. You can then link home2 into /home, or do the same for all new user directories withinin home2.

When creating new user accounts you can define the location of that user's home directory. It doesn't always have to be /home, so you can set /usr/home2 directly.

Linux Archive

sfkong · 07-20-2008, 08:23 AM

Thanks so much Mr. C, that's exactly the details and explanation i required. And if you don't mind, can I pm you if I run into anymore question in the future

I am sure you know the answer to them all.

Thanks as well FranDango for the info.

Mr. C. · 07-20-2008, 12:34 PM

You're welcome.

I think many people will be helpful, and often better than I can. How about asking your questions online here, and if they are not getting answered (to your satisfaction), then you can drop a PM. This way, everyone gets a learning opportunity.