LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-30-2004, 09:03 PM   #1
Ironica
Member
 
Registered: Jan 2003
Distribution: LFS
Posts: 64

Rep: Reputation: 15
Sharing a directory with a regular user (with write permission)


I decided that I want 2 users to share a home directory, so that their config files ( ~/.* ) are identical. That is, my regular user account, and root. No problem, just a simple change in /etc/passwd, and recursively chown the shared directory to the regular user.

But whenever root writes a new file in the shared home directory, the regular user doesn't get permission to write to that file, obviously. I have to chown or chmod it, as root. I know there has to be an easier way of doing this.

Setup a group maybe? I'm not sure exactly how this works though, because I've only ever used the computer for personal purpose, never shared. And then setguid for this directory? But how can I get it to work recursively, so that all files created within will get permission 770? Not chaging root's umask, because I don't want the regular user to have permission outside the home directory, as normal. How is it done?
 
Old 05-31-2004, 12:23 AM   #2
Vlad-A
Member
 
Registered: May 2004
Location: Vienna, Austria
Distribution: Open SuSE 11, Mac OS X 10.5
Posts: 299

Rep: Reputation: 32
Did you try to create a separate File System and mount it with a GID ?

Example:
/dev/hdb5 /DateGRP200 raiserfs gid=200,umask=0007,user,exec 0 0

200 is the ID of the group where the "allowed" users belong to.


If your /home directory happens to be on your / filesystem, then putting root
and your "normal" user in one group will not help you too much (except you
change their primary group).

Last edited by Vlad-A; 05-31-2004 at 12:24 AM.
 
Old 05-31-2004, 07:44 AM   #3
Ironica
Member
 
Registered: Jan 2003
Distribution: LFS
Posts: 64

Original Poster
Rep: Reputation: 15
I did think about that. But surely there has to be a way, without creating a seperate filesystem... ?
 
Old 05-31-2004, 09:11 AM   #4
Oliv'
Senior Member
 
Registered: Jan 2004
Location: Montpellier (France)
Distribution: Gentoo
Posts: 1,014

Rep: Reputation: 36
There's the ACL solution: http://acl.bestbits.at/
It allows you to fine tune permissions

Oliv'
 
Old 05-31-2004, 09:33 AM   #5
Scruff
Member
 
Registered: Oct 2002
Location: Stoughton, MA
Distribution: Gentoo x86_64 & PPC
Posts: 949

Rep: Reputation: 30
This is really a Bad Idea. You shouldn't need any configuration settings as root besides maybe your bash profile and what not. Surely you are not running X as root?? Or any GUI mail suites, etc, etc. The only reson to use the root account is to modify the system in ways that is forbidden to users. Otherwise run as user all the time. su to root when necessary. I am sure DE's like KDE and Gnome provide GUI ways to temporarily become root to use certain tuning utilities as well (can't remember, it's been awhile since I used either).

I don't run any X based software as root. Any security flaws they might have will be magnified 100 fold if the user running them is root. I su to root from a command line to modify config files, play with the kernel, etc and then exit back to my user. By trying to combine anything your no_permission_having_user does, with your all_powerful_root_account is again, a Bad Idea

Here is the entire listing of my root ~/
root@tuxbook:~# ls -a
. .bashrc .keep .rnd .xauthC0djVo .xauthYPDPzT .xauthnDsfOX
.. .config .mcop .ssh .xauthKEPXuj .xauthdmmDFy .xauthrmozUS
.ICEauthority .dvdcss .mcoprc .viminfo .xauthM0VzwS .xauthgDjClf .xauthsQiCOW
.Xauthority .fonts.cache-1 .nessusrc .xauth23J5bB .xauthRpAjlA .xauthhHMNXW .xinitrc
.bash_history .hcwd .xauth3jUCgk .xauthUfSJ2t .xauthkzSlB8

Nothing in there my user needs, and no reason for root to have all my X based configs. There are ways to do what your asking, but none are close to being good security practice.
 
Old 05-31-2004, 10:43 AM   #6
Ironica
Member
 
Registered: Jan 2003
Distribution: LFS
Posts: 64

Original Poster
Rep: Reputation: 15
Yes, I was aware that it was a bad idea. That's why I explained that one of the users sharing would be root.

Logging in as root at graphical login, yes. I should never do that at all either? I did it because it was easier than su'ing all the time, and so that I could easily have graphical programs (such as konquerer, for file browsing) running as root.

Really? KDE provides a graphical way to become root? Yes, that would be much easier than sharing config files. Anyone tell me how to do that?

Thanks for advice ^^
 
Old 05-31-2004, 11:27 AM   #7
Scruff
Member
 
Registered: Oct 2002
Location: Stoughton, MA
Distribution: Gentoo x86_64 & PPC
Posts: 949

Rep: Reputation: 30
Quote:
Originally posted by Ironica
Logging in as root at graphical login, yes. I should never do that at all either? I did it because it was easier than su'ing all the time, and so that I could easily have graphical programs (such as konquerer, for file browsing) running as root.
Well X isn't the most secure thing in the world, so it's not a good idea to run as root but not a disaster if you stay away from things like internet browsers, and well... anything internet based. The more applications you have running as root, the more security risk there is.

Quote:
Really? KDE provides a graphical way to become root? Yes, that would be much easier than sharing config files. Anyone tell me how to do that?
Thanks for advice ^^
Well, I just booted to my wifes KDE account and looked around a bit. There is a Konqueror Root Filemanager option in the K menu (it has a red folder icon instead of blue). You just need to enter your password to use it. Then there is other system config GUI's provided by KDE that can tweak things at the system level after getting a root password. I just don't know where they are since I slimmed down the wifes menu to only things she might care to use

Personally, I run Fluxbox and all configuration is done from the command line so I just can't remember much more for you sorry.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Shared partition and user write permission dashnaam Linux - General 3 07-10-2005 01:22 PM
No write permission for /home/user/... payasam Mandriva 2 12-24-2004 12:33 PM
write to windows fat partition as regular user feetyouwell Linux - Software 2 09-11-2004 03:07 AM
need drive write permissions with regular user vettebro1 Linux - Newbie 3 03-04-2004 09:16 PM
Permitting a user to write to another users home directory rddreamz Linux - Newbie 4 11-19-2003 01:01 AM


All times are GMT -5. The time now is 08:48 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration