LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-08-2005, 12:26 AM   #1
kyro_02
LQ Newbie
 
Registered: Jul 2005
Location: Melbourne, Australia
Posts: 12

Rep: Reputation: 0
Problems setting user permissions


Hello,

Well I am having problems setting user permissions in SSH (I want to only allow each user access to view their own files (and when they use FTP they get lead to their /username/ directory (but for some reason they can browse other peoples account (but fortunently not able to tamper with their files, but still I would rather the extra security.)

So basicaly:

I want to be able to set in their SSH account & their FTP account permission to only access & view their /username/ directory. If they attempt to go up a directory it will deny them access... Does this sound possible, because i've read on some websites and i'm unable to get these permission to work.

Thanks for reading my rant and hope you can help me out...

Thanks.

Last edited by kyro_02; 07-08-2005 at 12:29 AM.
 
Old 07-08-2005, 04:17 AM   #2
chakkerz
Member
 
Registered: Dec 2002
Location: Brisbane, Australia
Distribution: RedHat (RHEL, FC, CentOS), openSuSE, Mac OS X
Posts: 653

Rep: Reputation: 32
ok i did this locally but the principle is the same i guess:

example:

chakkerz@laptix chakkerz $ cd /home/zebra
chakkerz@laptix zebra $ ls
hons_2005.rar

fix that:
chakkerz@laptix zebra $ su
Password:
root@laptix zebra # chmod 700 ./
root@laptix zebra # exit

counter example:
chakkerz@laptix zebra $ cd ~
chakkerz@laptix chakkerz $ cd /home/zebra
bash: cd: /home/zebra: Permission denied
chakkerz@laptix chakkerz $

OK I actually did make two changes in that - i removed execute and read capabilities from other users in the same group and other users in general:

the first digit in the chmod assigns the owners priviledge -> 7 gives read write execute (executing a directory means the ability to change).
restricting it for other users of the same group, or other users generally to 0 (ie no read, no write and no execute) means they can't change into that directory

If you did :
chakkerz@laptix zebra $ su
Password:
root@laptix zebra # chmod 711 /home/zebra
root@laptix zebra # exit
chakkerz@laptix zebra $ cd ~
chakkerz@laptix chakkerz $ cd /home/zebra
chakkerz@laptix zebra $ ls
ls: .: Permission denied

they can change to the directory, but not read the contents
(a 722 doesn't really give listing capabilities because they still can't look in there)

so to get the restrictions you request either a 711 (with appropriate file restrictions inside the directory (they can't get a listing but read individula files)), or a 700 which is more secure in terms of not seeing data.
 
Old 07-08-2005, 07:55 AM   #3
kyro_02
LQ Newbie
 
Registered: Jul 2005
Location: Melbourne, Australia
Posts: 12

Original Poster
Rep: Reputation: 0
woops, I made a mistake...I somehow did a chmod now no users can access their account, they can't even get in their account AT all...

I can't even su username (as root)

what do I do?


thanks.

edit:
chmod ###'s don't seem to have an affect? I think I got chmod -R working....but i don't no - so confused...


login as: nickname
nickname@domain.com's password:
Could not chdir to home directory /home/nickname: Permission denied
-bash: /home/nickname/.bash_profile: Permission denied
-bash-2.05b$


edit: fixed

Last edited by kyro_02; 07-08-2005 at 08:02 AM.
 
Old 07-08-2005, 09:35 AM   #4
hi_teck45
LQ Newbie
 
Registered: Jul 2005
Posts: 3

Rep: Reputation: 0
check out the chroot option. i've read up on it and it allows users to be caged in their home directories.
 
Old 07-08-2005, 12:27 PM   #5
CroMagnon
Member
 
Registered: Sep 2004
Location: New Zealand
Distribution: Debian
Posts: 900

Rep: Reputation: 33
chroot might take more work than expected to get it to work correctly.

When you're logged in as root, what does
Code:
ls -l /home
say?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting user permissions PeteWieland Linux - Newbie 2 04-16-2005 07:35 AM
Setting User Permissions macgyver007 Linux - Newbie 3 04-12-2005 11:21 AM
Setting user network permissions beforemath Linux - Networking 2 02-28-2005 04:53 PM
Setting default permissions for user loadedmind Slackware 3 11-05-2003 04:24 PM
::Setting user permissions:: ::Newbie question:: XxAndyxX Linux - Software 3 03-20-2003 02:55 AM


All times are GMT -5. The time now is 12:22 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration