LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 07-23-2009, 08:18 AM   #1
fuzzyfroboy
LQ Newbie
 
Registered: Jul 2009
Posts: 11

Rep: Reputation: 0
Hide File Systems From User


I was wondering if it was possible to hide the File Systems from a user. So when then browse through folders or choose to save something the default folder is their "home" folder. I am using SAM Linux distribution and don't want my users to be able to screw anything up! I use thunar as my file manager and was just wondering if it is possible?

-Any help would be appreciated, Andrew
 
Old 07-23-2009, 09:18 AM   #2
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,017

Rep: Reputation: 369Reputation: 369Reputation: 369Reputation: 369
Most (all?) system directories are already set so ordinary users cannot write to them.

Users home directories can be set to permissions of 700 (the default is sometimes 755, depends on distro), which means that only the owners of those directories can read from them or write to them.

Understanding Linux file permissions

Welcome to LQ!
 
Old 07-23-2009, 12:00 PM   #3
fuzzyfroboy
LQ Newbie
 
Registered: Jul 2009
Posts: 11

Original Poster
Rep: Reputation: 0
I was hoping that the user could only see and use their users folder so instead of having access to filesystems/home/"user" they would just have access to "user" and would not be able to edit or even view any of the filesystem folders such as bin, boot, dev etc.. Is it possible to do this with permissions? I was under the impression that permissions only worked for individual folders and subfolders not the whole file system.

also, if i make my users have no rights for their tmp folder will this mess everything up because the os won't have permission to store date in it?

Thanks for everything, Andrew
 
Old 07-23-2009, 12:29 PM   #4
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,040

Rep: Reputation: 373Reputation: 373Reputation: 373Reputation: 373
You can do so with a 'chroot jail'. I suggest you to search for those terms and come back if you need some extra help
 
Old 07-23-2009, 02:33 PM   #5
fuzzyfroboy
LQ Newbie
 
Registered: Jul 2009
Posts: 11

Original Poster
Rep: Reputation: 0
chroot jail looks good!

I think chroot jail is what I want, Iv looked into it and it is promising (and intense!!).

However after reading up on it, don't you have to copy some of the directories such as bin and you shared directory (which was what I was trying to hide initially)? for example if I used chroot and made the root directory "user" and didn't copy over any of the other directories would i be able to use my applications still?
 
Old 07-27-2009, 10:21 AM   #6
fuzzyfroboy
LQ Newbie
 
Registered: Jul 2009
Posts: 11

Original Poster
Rep: Reputation: 0
Can anybody help shed some light on this?
 
Old 07-27-2009, 10:27 AM   #7
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,040

Rep: Reputation: 373Reputation: 373Reputation: 373Reputation: 373
When you are into a chroot nothing outside of it is accessible, that's the whole point of chrooting, and there's no way to run something if you can't first read it from the disk. So I doubt that you have many alternatives.
 
Old 07-27-2009, 10:34 AM   #8
fuzzyfroboy
LQ Newbie
 
Registered: Jul 2009
Posts: 11

Original Poster
Rep: Reputation: 0
hmm looks like I'll have to try it out then. Thanks for the reply!
 
Old 07-27-2009, 02:52 PM   #9
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,986
Blog Entries: 11

Rep: Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880Reputation: 880
Quote:
Originally Posted by i92guboj View Post
there's no way to run something if you can't first read it from the disk.

Just to re-iterate that those chrooted users
won't be doing much.
 
Old 07-27-2009, 06:29 PM   #10
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 11,281
Blog Entries: 3

Rep: Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446
Hi,
Quote:
Originally Posted by fuzzyfroboy View Post
I was wondering if it was possible to hide the File Systems from a user. So when then browse through folders or choose to save something the default folder is their "home" folder. I am using SAM Linux distribution and don't want my users to be able to screw anything up! I use thunar as my file manager and was just wondering if it is possible?

-Any help would be appreciated, Andrew
Permissions Permissions Permissions

You can look but don't touch. If permissions are setup then the browsing is going to do nothing. Your system should be setup so as the user has his '~'. Outside of that unless you provide permissions or passwords to access su rights then what do you expect that user to do? A user if they are allowed to browse (read) but no write then what will happen? Nothing!

If you setup global access then that's your fault. If the user breaks something in their environment then that will be recoverable. Just remember, no rights then no writes.
 
Old 08-04-2009, 10:57 AM   #11
fuzzyfroboy
LQ Newbie
 
Registered: Jul 2009
Posts: 11

Original Poster
Rep: Reputation: 0
stupid question but what do you mean by their "~"? I think I will have to settle with changing permissions (I just didn't want them to be able to see the directories because its for old people and i don't want them getting confused)

Thanks!
 
Old 08-04-2009, 11:15 AM   #12
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,040

Rep: Reputation: 373Reputation: 373Reputation: 373Reputation: 373
"~" means "home directory", it's equivalent to "$HOME", usually somewhere under /home/
 
Old 08-04-2009, 11:47 AM   #13
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 11,281
Blog Entries: 3

Rep: Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446Reputation: 1446
Hi,
Quote:
Originally Posted by fuzzyfroboy View Post
stupid question but what do you mean by their "~"? I think I will have to settle with changing permissions (I just didn't want them to be able to see the directories because its for old people and i don't want them getting confused)

Thanks!
As shown ~ means home, so ~/fuzzyfroboy would be your home directory for your use.

I can see your need but as I said it before 'rights to write' then you could 'rights to read'.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to hide a file using file permissions in linux without using dot davender84 Linux - General 4 03-26-2009 12:13 AM
Read only file systems, custom live CDs, and embedded systems coffeecoffee Linux - Newbie 2 02-24-2009 11:09 PM
hide SAMBA shared folder in other user sasi.rrkay Linux - Software 0 06-26-2007 06:05 AM
How can I hide a file from ls -a? enigma_0Z Linux - Security 12 10-31-2006 12:29 PM
How to hide and block a directory for a specific user hoolie_v Linux - Newbie 2 08-08-2004 07:14 AM


All times are GMT -5. The time now is 11:55 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration