LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-30-2008, 04:02 AM   #1
bkcreddy17
Member
 
Registered: Feb 2008
Location: India-Hyderabad
Distribution: RHEL and Fedora
Posts: 171

Rep: Reputation: 15
Lightbulb shell script


hi,
There is a batch file script to set password to a folder. Of course we can use chmod or chown and restrict user. But in home PC every one logs in as root. Can any tell me the script in Linux?
 
Old 05-30-2008, 05:34 AM   #2
mrrangerman
Member
 
Registered: Oct 2007
Location: MI
Distribution: Debian Slackware
Posts: 528

Rep: Reputation: 50
Quote:
bkcreddy17

But in home PC every one logs in as root.
Set up user accounts for each person, running as root is NOT a smart thing to do.......... Your asking for trouble.

Last edited by mrrangerman; 05-30-2008 at 05:41 AM.
 
Old 05-30-2008, 05:47 AM   #3
bkcreddy17
Member
 
Registered: Feb 2008
Location: India-Hyderabad
Distribution: RHEL and Fedora
Posts: 171

Original Poster
Rep: Reputation: 15
Thank you.
That's ok. But my motto is, when we try to open a folder, it should prompt for password. How can we do it?
 
Old 05-30-2008, 05:59 AM   #4
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
Don't run as root. Use permissions and maybe even acls to control access to directories and files. (see manpages for chown, chgrp, setfacl & getfacl). If a person doesn't have read permission on a folder or file, they can't read it. If you have files & subdirectories in a globally readable & writable parent directory, set the sticky bit on the directory to prevent any user from deleting any file.

The permission (and password) to enter a directory or read a file was determined when they log in and enter their password.

You can also use encryption. Then a person needs to know a password to decrypt the file.

PS. <gripe>Why does it seem that so many people from India do things like run RH9, use telnet and log in as root?</gripe>

Last edited by jschiwal; 05-30-2008 at 06:02 AM.
 
Old 05-30-2008, 06:18 AM   #5
ischi
Member
 
Registered: Apr 2008
Location: Tübingen
Distribution: Fedora 9 (Thinkpad T60), Debian 3.1 (Server)
Posts: 51

Rep: Reputation: 15
Never ever run as root, because if you are running as root all your programms also have root privileges and even a small bug can srew up your whole System! Thats what user accounts are for. I would even limit the login that ie root over ssh is not possible, so you first login as normal user and than do su.
That being said, if all your users have the root password anyway its not save to just set permissions for the users, it is improtant to do that but not sufficiant for safety. What I would do:
Either change the root password to something strong, and dont give it to anybody (if nobody else needs root) than set the permissions.
or if thats not possible than encrypt the home of each user (or at least a folder for each user) where only the user knows the password. this can be done with Truecrypt ie.

Personally I would designate a trustable admin who has root, and nobody else knows the password which should be something strong liken 231kfas41as"!")(§kasd



I
 
Old 05-30-2008, 09:12 AM   #6
Ajax4Hire
LQ Newbie
 
Registered: May 2004
Location: sol 3 (3rd planet from sun)
Distribution: Redhat 9.0
Posts: 8

Rep: Reputation: 0
Quote:
Originally Posted by bkcreddy17 View Post
But my motto is, when we try to open a folder, it should prompt for password. How can we do it?
You are asking for contradictory criteria.
How to give all users to have complete access but not complete access.

Everyone logs in as root, meaning everyone has complete control over everything.
Everyone need to enter a different password for individual folders.

The reason "root" is root is to NOT have to enter password for everything.
Root is to setup, cleanup, fixup the mess ups.
User is to use the computer.

Give each user a name, a username.
There is a reason why you don't run as root,
you will discover this reason the hard way.
Take the advice now or take it later but you will take it.
 
Old 05-30-2008, 09:46 AM   #7
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,063

Rep: Reputation: 381Reputation: 381Reputation: 381Reputation: 381
You are just confused on how the linux multiuser paradigm works on its own.

You need to create one regular user per person. Each user has it0s own home directory and it's own password. No one can read the files from USER_A unless USER_A explicitly permitted it via chmod/chown.

You are trying to re-invent the wheel in an insane way. If you run as root, everything runs as root, and that included malicious javascripts and trojans. Not to speak about the damage that your users can (and will) do to your system.
 
Old 05-30-2008, 05:04 PM   #8
seraphim172
Member
 
Registered: May 2008
Posts: 101

Rep: Reputation: 15
What's the reason of passwords if everyone runs as root? Do you want a tool that locks out root? Even if you would have such a tool, as root you could disable it.

If you want to password-protect folders for regular users, then the question is what application is used to browse directories. If a web-browser is used on an Apache server, then .htaccess and .htpassword files can be used.

Linux Archive

Last edited by seraphim172; 06-25-2008 at 05:44 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to ssh from a shell script ? For ppl who can write shell scripts. thefountainhead100 Programming 14 10-22-2008 07:24 AM
Shell Scripting: Getting a pid and killing it via a shell script topcat Programming 15 10-28-2007 03:14 AM
I made a shortcut to a shell script and it is using default shell icon... shlinux Linux - Software 2 04-20-2006 07:29 AM
Alias or shell script to confirm 'exit' commands from a shell rose_bud4201 Programming 2 03-08-2006 03:34 PM
shell script problem, want to use shell script auto update IP~! singying304 Programming 4 11-29-2005 06:32 PM


All times are GMT -5. The time now is 04:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration