LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-31-2008, 06:24 PM   #1
SuperDude123
Member
 
Registered: Nov 2008
Posts: 158

Rep: Reputation: 30
the chmod equivalent for group rights


Here's my problem:

I made a ssh server and I would like to know how I can restrict users from a certain group to a certain file directory in the system and how to prevent them from deleting the files in their directory such as .Xauthority, .Xdefaults, etc.. ?
 
Old 12-31-2008, 06:45 PM   #2
Didier Spaier
LQ Addict
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slint64-14.2beta3 on Lenovo Thinkpad W520
Posts: 6,789

Rep: Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135Reputation: 2135
AFAIK, as long as a file is in a user's directory you can't prevent him/her to delete it, provided he/she is the owner of both the directory and the file. The only way would be to change the owner of the file (obviously you can do that if you are root), but beware to the possible unwanted effects.

Last edited by Didier Spaier; 12-31-2008 at 06:48 PM.
 
Old 12-31-2008, 06:50 PM   #3
SuperDude123
Member
 
Registered: Nov 2008
Posts: 158

Original Poster
Rep: Reputation: 30
how do I change ownership of the file? also, how do I make it so the user can still log in after I changed the file ownership as root?

how do I also stop one group of members (or just the member) from having sudo rights?
 
Old 12-31-2008, 06:59 PM   #4
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,063

Rep: Reputation: 381Reputation: 381Reputation: 381Reputation: 381
Quote:
Originally Posted by SuperDude123 View Post
Here's my problem:

I made a ssh server and I would like to know how I can restrict users from a certain group to a certain file directory in the system
Google for "ssh chroot jail", for example:

http://www.howtoforge.com/chrooted_ssh_howto_debian

Quote:
and how to prevent them from deleting the files in their directory such as .Xauthority, .Xdefaults, etc.. ?
chown to change the ownership. Then chmod to remove the write permission for everyone but the owner. Note that *some* programs will not like this. Ssh, to put an example, is very very picky about the permissions of ~/.ssh and its contents. You will have to try yourself.
 
Old 12-31-2008, 09:45 PM   #5
wit_273
Member
 
Registered: Mar 2007
Location: Nebraska
Distribution: CentOS
Posts: 82

Rep: Reputation: 15
Just a note changing the owner and group of a file does not prevent the folder owner from deleting the file, because when deleting the file you are modifying the directory.

For example, joe is the owner of his home directory but .Xauthority, .Xdefaults is owned by root (and in roots group). Joe will not be able to edit the files (which I suspect will cause joe some other problems). But joe will be able to delete them--because deleting the files is actually just modifying /home/joe/.

I hope this makes sense. The basics is that owner of a directory can delete all files under that directory. I am sure there is a way to prevent that--but I will have to think about it--and someone will likely answer that for you before I think it through.

George
 
Old 12-31-2008, 10:56 PM   #6
chalearun
LQ Newbie
 
Registered: Jan 2006
Posts: 9

Rep: Reputation: 1
I think you can do this with SGID ( Setting Group ID ) for a particular folder, then only the memebers of the groups have authority of modifying the files only inside that directory.

You can also try using the attributes. using chattr and lsattr command

Last edited by chalearun; 12-31-2008 at 11:04 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
chmod, user access rights webtrix28 Linux - Newbie 2 11-08-2007 07:03 AM
How to give access rights to one group to the home-dirs of another group Peter@KKVS Linux - Networking 2 11-09-2006 01:38 AM
lost execute rights on chmod itself senips Linux - Security 5 10-14-2006 03:34 AM
Chmod rights and folder access fieldyweb Linux - General 3 08-24-2005 05:12 AM
chmod rights over ftp/telnet Garp Linux - Security 9 08-04-2005 07:20 AM


All times are GMT -5. The time now is 09:47 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration