Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I have a user, who is part of the accounting group. the accounting folder is owned by the group, accounting. when the user attempts to go into the folder, it says that permission is denied. why is the user not able to go inside of the folder?
If you want the "accounting" group to be able to cd to the "bob" directory, you need to do:
chmod g+x bob
In other words, members of a group can't cd to a directory if the group doesn't have execute permission for the directory.
However, this won't solve your problem, since your "ls -l" output indicates that the directory "bob" belongs to the "root" group, not the "accounting" group. To fix that, do:
chgrp -R accounting bob
Something still doesn't make sense, though, assuming "bob" is the user who is unable to access the directory "bob". What is the output of "ls -l .." if you execute it from the same place you executed "ls -l"? You need to make sure that the directory that contains "bob" also belongs to the "accounting" group and has group read and execute permissions.
I do not want the accounting group to cd to the bob directory. there is a shared directory for that. I thought execute permissions were just for running scripts?
If I add the accounting group to bob, would accounting then be able to access his content?
Normally the login "bob" would also have a group created with only one member in it - "bob". Thus the home directory would be owned by bob, and group bob. The access mask would usually be rwxr-x--- (meaning, user bob has read/write/search, members of the group bob have read/search, and no one else has access. If bob is the only member of the group "bob" then no one else can access it). For directory files, the x means "search" rather than "execute".
Having bob own a root group directory is peculiar, but also since bob is not in group root, it would make things look odd to an audit.
"You can think of read and execute on directories this way: directories are data files that hold two pieces of information for each file within, the file's name and it's inode number. Read permission is needed to access the names of files in a directory. Execute (a.k.a. search) permission is needed to access the inodes of files in a directory, if you already know the file's name."
So a directory with "r--" permissions allows you see the file names. But you cannot open the files.
A directory with "--x" allows you to open the files, IF you already know the file name, AND have access permissions to read (or write) to the file.
To change the default directory requires both read and search.
This has been used in the past to provide an anonymous access to a dropbox type of operation. You could retrieve the file IF you already knew (or could guess) what the file name was. It has also been used to hide files from general viewing, but let specific individuals retrieve the data.