Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Cool. You're running 10.04. To make your folder completely private, you can encrypt your home folder, or those of the users in question that are visible right now. A similar procedure exists for OS X 10.3+ called FileVault, in order to make folders invisible.
Or, you could open a terminal and change ownership/permissions on the folders which you wish to change access, and give access only to users that can see the folders.
However, of the two methods, I would recommend encrypting the home folder. The only issue with that, however, is that if the computer crashes and needs to be redone, you'll have a harder time getting files out of home folders.
All chmod does is change permissions which protects against casual attempts to access the contents. Of course any user with sudo rights can always use that to read the contents of another user's home directory. Also if you have multiple people using the same computer and any of them know how to boot the computer from a LiveCD then they could access other user's files.
FileVault on Mac OS X encrypts the user's home directory. Various solutions for doing that on Linux exist but I don't know what the best one is for Ubuntu. Encrypting home directories increases security but it also increases the risk of you losing access to the files due to filesystem corruption, disk failure, or something daft like forgetting the password. You also have to think about making sure back ups of your home directory are encrypted. (You do make back ups of your home directories don't you? Hopefully you're not one of those people who never makes backups and then is distraught when their computer is lost or stolen or destroyed by fire or flood or lightening or Act of Dog or their harddisk just goes 'clunk' one day and stops working.)
I'd rather use chmod go-rwx rather than 700. That way you don't touch users permissions at all, just group and other.
Yes, I agree.
Originally Posted by unSpawn
Isn't that a rather unsafe approach if 'eval echo /home/*' expands to more than one thinks it will?
Can you give an example of how 'eval echo /home/*' could expand to more than one thinks it will? I can't think of one.
I really should work my way through those bash scripting guides at tldp.org one day. (The site isn't responding right now, hopefully it will be back on line soon)
Thanks guys. You've helped plenty..!!!
I have started encrypting new folders with "cryptkeeper". It doesn't encrypt existing folders, so i have to make new ones. There i dump the objects of my shame. Then i log as another user and presto.! 3 folders holding my shit are invisible to regular users.
Merry weekend to all of you..!!
Can you give an example of how 'eval echo /home/*' could expand to more than one thinks it will?
Using "/home/*" may expand to or include:
- /home/lost+found if /home is a separate mount point,
- any files in the root of /home,
- any directories owned by system accounts (that do not have an inert shell set),
- any directories that explicitly have permissions changed to share access.
An easier way could be to say it is a greedy match if that means something to you. A safer way could be to query /etc/password for accounts with an UID >= 500 (or /etc/login.defs) that also have a valid shell and also a $HOME in /home and also are not used for system services.