LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-01-2010, 11:54 AM   #1
macking
LQ Newbie
 
Registered: May 2010
Posts: 27

Rep: Reputation: 0
Permissions questions - not typical though


Is it possible / how can I?

I have two directories "money" and "assets".

I have two users, "jonn" and "jean".

I "need" john and jean to share a login called "post".

I want John and Jean to use this "post" login to be able to write a file to folders called "money" and "assets".

I don't want them to be able to "read" files in either directory.

I tried chmod 400 and that didn't work. They couldn't write a file to the directory.

What permissions can I give / assign so that they can write a file but they can't read any other files? Remember, there are different directories that they will "write" the files to.



No doubt you can change file and directory permissions on files such that when you upload a file via ftp, it uploads fine but isn't visible to the uploader.

Anybody?
 
Old 06-01-2010, 12:12 PM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 164Reputation: 164
Permission masks are additive- 4 2 1 0 (read) (write) (execute) (none) and the sections are [special][owner][group][everyone]

So read and write is 4+2=6, read and execute is 4+1=5, etc.

In the case of permissions its moot if 1 person or 10 access an account unless they're logins. In this case it appears you have 1 login (post) and two directories (money/assets).

So --

Make sure post exists as a user and as a group.
Code:
chown -R root:post {money,assets}
chmod 2730 {money,assets}
([special][owner][group][everyone] 2730= (Special:SetGID, Read/Write/Execute, Write/Execute, None))

A directory must have execute permissions for a user to be able to change directory something where that permission set is applied... so you need a 1 and you want the ability to write so 2, 1+2=3.

If jonn and jean had an account each you could add them to the post group and their users could write there but not read the directory.

If this isn't clear wikipedia has a good write up on permissions in unix under the chmod entry.
 
1 members found this post helpful.
Old 06-01-2010, 12:44 PM   #3
macking
LQ Newbie
 
Registered: May 2010
Posts: 27

Original Poster
Rep: Reputation: 0
Wow, I think that did it! Even the local linux guru didn't know how to achieve this.

Of course I thought chmod could only be 3 digigts, ie. 664, etc.

Thanks for your help!
 
Old 06-01-2010, 12:57 PM   #4
davidstvz
Member
 
Registered: Jun 2008
Posts: 405

Rep: Reputation: 30
Quote:
Originally Posted by macking View Post
Wow, I think that did it! Even the local linux guru didn't know how to achieve this.

Of course I thought chmod could only be 3 digigts, ie. 664, etc.

Thanks for your help!
When you use 4 digits with chmod, the first digit is a special thing that does not correspond to the normal read/write/execute permissions. You'll have to look up the special permissions and read about them if you want to use them properly.
 
Old 06-01-2010, 01:24 PM   #5
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 164Reputation: 164
The "special" one is 4- setuid, 2 setgid, 1 sticky bit... (the last of which is mostly depreciated.) Setgid helps keep permissions sane and consistent in a case like this. There are more details on the wikipedia article if you want to follow up on it. Even the three digit 730 would have worked... you'd just have potentially had permission issues over time if other apps/people/etc were writing to the directory. Setgid will help keep things in those directories writable by post.

Don't forget if you have trouble with the bit mode of setting perms you can also do it by letter-- chmod u+rwx (owner add read write execute) chmod g-r (group no read) chmod o-rwx (others remove all access) chmod a+rwx (all perms to read, write, execute). The one really neat one is chmod a+X which basically sets the execute bit ONLY on directories (so anyone can cd to them but potentially not read/write them if they have no permissions) without setting file permissions, typically people use a find to perform that operation but it's actually a chmod built-in too.

Last edited by rweaver; 06-01-2010 at 01:30 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Typical Linux Interview Questions !! hitesh_linux Linux - General 14 11-24-2011 01:40 AM
FTP permissions questions.. jedilost1 Linux - Server 2 10-15-2008 10:17 PM
typical newbie questions.... trueter Linux - Newbie 1 09-20-2004 03:55 AM
Permissions Questions JHuizingh Linux - General 4 01-16-2003 02:41 PM
Typical newbie questions newbietolinux Linux - Newbie 19 12-05-2001 06:34 AM


All times are GMT -5. The time now is 01:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration