LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-09-2008, 04:11 PM   #1
CelticBlues
LQ Newbie
 
Registered: Jan 2005
Posts: 29

Rep: Reputation: 15
How do I give subset of users full access to 'joes' account, but not vice-versa?


I want to create a user I'll call demouser whose home directory will be where the developers in my group put final versions of their apps for demos.

The idea basically is that the developers will do all their coding, buildng etc, then dump their apps/data in a specificy folder under /home/demouser. Then at some later date, the demouser can log in and run the apps. One catch is, I don't want demouser to be able to access any of the other developers/users accounts/files.

I created the account 'demouser' and created a unique group for it, then added the desired users to the 'demouser' group. After I did this, I tried to 'ls /home/demouser' and got an 'access denied' message. I actually had to change the permissions on the folder to read/write/exeecute for the desired users.

What is the proper way to acheive what I am trying to do?

CB
 
Old 06-09-2008, 04:23 PM   #2
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
The directory is not important. Just because /home/demouser is the users home directory doesn't automatically mean they will have permission to read the files placed in there. I would aim for a different directory instead, something outside of standard "personal" documents, maybe /var/apps

Then, add the users who will be putting all the files into that directory to a group, maybe "developers" also add demouser to this group. This keeps demouser away from their personal stuff, and them away from demouser's personal stuff.

Once the directory is created, chown it to the dev group:
chown root:developers /var/apps
chmod 775 /var/apps

Your other option if you want to keep the /home/demouser as the dumping ground, you will want to simply chmod 775 /home/demouser and chown demouser:users /home/demouser to enable the group "users" to have full access to the demousers directory.

-Chad
 
Old 06-09-2008, 04:32 PM   #3
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
Two things you can do is either create a group that has access to the directory or use file attributes to give certain users or groups access.

The setfacl command can give you more granular control in controlling access then group control. The file system need to support user acls.

For a project, you might consider using a version control system instead.
 
Old 06-09-2008, 05:57 PM   #4
CelticBlues
LQ Newbie
 
Registered: Jan 2005
Posts: 29

Original Poster
Rep: Reputation: 15
Thanks for the help... I'll try the suggestions.
CB
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What does Linux have against ASUS (or vice versa)? xp_newbie Linux - Hardware 54 05-23-2007 12:24 PM
Purely Curiosity: access files from one HD partition to another, but not vice versa. beezum88 Linux - Desktop 1 08-14-2006 07:28 PM
access external hard drive linux partition on linux and vice versa garyozzy Linux - Newbie 2 08-03-2005 07:11 PM
m1 can ping m2, but not vice versa cmacklin Linux - Networking 4 10-31-2004 09:01 PM
KDE under Gnome, or vice-versa Pres General 7 02-01-2004 11:18 AM


All times are GMT -5. The time now is 12:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration