LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 11-29-2012, 03:27 AM   #1
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Rep: Reputation: 1
Have a user only have complete access to one folder


Hello

I made a new user (command line) and I just want him to be able to access (read and write) ONE folder (and its contents, which include other folders and other files). I made him via command line (he really has nothing; I had to even make manually (mkdir) his "home").

The folder in question, BTW, is owned (from what I see) root and belongs to the group root. For obvious reasons, this cannot be changed.

How do I do it?
 
Old 11-29-2012, 03:39 AM   #2
bala.linuxtech
Member
 
Registered: Nov 2012
Location: Bangalore
Distribution: RHEL and Centos
Posts: 80

Rep: Reputation: Disabled
Quote:
Originally Posted by riahc3 View Post
Hello

I made a new user (command line) and I just want him to be able to access (read and write) ONE folder (and its contents, which include other folders and other files). I made him via command line (he really has nothing; I had to even make manually (mkdir) his "home").

The folder in question, BTW, is owned (from what I see) root and belongs to the group root. For obvious reasons, this cannot be changed.

How do I do it?
Hi

USe ACL For this ..
 
Old 11-29-2012, 03:42 AM   #3
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,970

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
With
Code:
chown -R user.group /pathtofolder/folder
you make the user "user" of group "group" the owner of folder "folder".

I have not understood if this really was your question, therefore I would recommend that you read the manpages for chown and chmod very carefully.

Markus
 
Old 11-29-2012, 03:43 AM   #4
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Original Poster
Rep: Reputation: 1
OK, i was able to put write enabled.......the thing is that when I try to chroot the connection, it fails not allowing me to write to that folder.

---------- Post added 11-29-12 at 10:43 AM ----------

Quote:
Originally Posted by markush View Post
With
Code:
chown -R user.group /pathtofolder/folder
you make the user "user" of group "group" the owner of folder "folder".

I have not understood if this really was your question, therefore I would recommend that you read the manpages for chown and chmod very carefully.

Markus
Wouldnt chown change the owner of the folder? The owner is "root" so Im not sure if this is a good idea :S
 
Old 11-29-2012, 03:44 AM   #5
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by bala.linuxtech View Post
Hi

USe ACL For this ..
How do I use ACL to acomplish this?

Thank you
 
Old 11-29-2012, 03:47 AM   #6
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,970

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
Quote:
Originally Posted by riahc3 View Post
...
Wouldnt chown change the owner of the folder? The owner is "root" so Im not sure if this is a good idea :S
Yes, it would.

But could you please explain in more detail what you want to achieve? Normally when a user needs full access to a folder, it would be one possibility to make him the owner of the folder. But it depends on the situation.

Markus
 
Old 11-29-2012, 03:49 AM   #7
bala.linuxtech
Member
 
Registered: Nov 2012
Location: Bangalore
Distribution: RHEL and Centos
Posts: 80

Rep: Reputation: Disabled
Quote:
Originally Posted by riahc3 View Post
How do I use ACL to acomplish this?

Thank you
First check that owner and appropriate permissions for that folder .. i think chown and chgrp command is enough to resolve this problem ..
 
Old 11-29-2012, 05:29 AM   #8
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by markush View Post
Yes, it would.

But could you please explain in more detail what you want to achieve? Normally when a user needs full access to a folder, it would be one possibility to make him the owner of the folder. But it depends on the situation.

Markus
Using php (via ftp) I want to transfer a file from one location to another. The user will be this one and he should only have access a root owned folder (lets say its /dev). Obviously the folder's owner has to stay being root but I want this user to be able to access it to read and write to it.

I apoligize for not making myself clear
 
Old 11-29-2012, 05:35 AM   #9
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,970

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
Couldn't you simply configure FTP in a way that the user "as he is" has access via FTP?

I use FTP to connect from my Smartphone to my Laptop in order to transfer pictures to the laptop and other files to the Smartphone. I have vsftp configured so, that I as a normal user can access the laptop via FTP. The folder, from where I download the files to the Smartphone is in my home-directory of the laptop.

Markus

Last edited by markush; 11-29-2012 at 05:36 AM.
 
Old 11-29-2012, 06:18 AM   #10
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by markush View Post
Couldn't you simply configure FTP in a way that the user "as he is" has access via FTP?

I use FTP to connect from my Smartphone to my Laptop in order to transfer pictures to the laptop and other files to the Smartphone. I have vsftp configured so, that I as a normal user can access the laptop via FTP. The folder, from where I download the files to the Smartphone is in my home-directory of the laptop.

Markus
With "write-enable" I believe I can do what you are telling me but it doesnt allow me to chroot so then the user cannot go to other folders. Obviously its automatic thru php but just in case....
 
Old 11-29-2012, 06:24 AM   #11
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,970

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
Quote:
Originally Posted by riahc3 View Post
With "write-enable" I believe I can do what you are telling me but it doesnt allow me to chroot so then the user cannot go to other folders. Obviously its automatic thru php but just in case....
mh, I think I can't help here. Couldn't you explain in more detail what you're doing? I mean I'm very happy without any knowledge of PHP and "FTP and chrooting" sounds peculiar to me..... I cannot imagine what you want to do.... copying a file to another computer will also work with rsync or scp, chrooting works with ssh.

Markus
 
Old 11-29-2012, 10:16 AM   #12
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by markush View Post
mh, I think I can't help here. Couldn't you explain in more detail what you're doing? I mean I'm very happy without any knowledge of PHP and "FTP and chrooting" sounds peculiar to me..... I cannot imagine what you want to do.... copying a file to another computer will also work with rsync or scp, chrooting works with ssh.

Markus
I want to connect via FTP to /dev and allow the user to write/read there, only there. Also any folder under /dev

Thats the basic of it.
 
Old 11-29-2012, 10:24 AM   #13
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,970

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
I think that writeaccess in /dev for any normal user is a security risk.

Markus
 
Old 11-29-2012, 10:56 AM   #14
riahc3
Member
 
Registered: Dec 2002
Posts: 95

Original Poster
Rep: Reputation: 1
Quote:
Originally Posted by markush View Post
I think that writeaccess in /dev for any normal user is a security risk.

Markus
Im glad you think that but I remind that /dev is a example, not the literal place.

Point is, I respect what you think but I just simply want to do this. Ill repeat

I want to connect via FTP to /dev and allow the user to write/read there. Also any folder (and its files) under /dev
 
Old 11-29-2012, 11:04 AM   #15
markush
Senior Member
 
Registered: Apr 2007
Location: Germany
Distribution: Slackware
Posts: 3,970

Rep: Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848Reputation: 848
Well, how did you configure FTP?

Markus
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to give access to particulat user in ftp user group to particular folder marora Linux - General 2 06-16-2011 02:03 AM
[SAMBA] Access a folder as specified user lucazorzi Linux - Server 1 10-13-2009 11:46 AM
Restrict a user to only have access to ONE single folder. colltek Linux - Newbie 4 01-30-2009 10:41 AM
how to restrict one particular user to access one particular folder? Xeratul Linux - Newbie 6 02-06-2007 01:01 PM
2 groups for complete access over to 1 share/folder ? amitsharma_26 Linux - General 5 12-16-2005 05:42 AM


All times are GMT -5. The time now is 12:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration