User, Group permissions in Redhat Linux ES 3.0

majicrobot · 09-19-2004, 09:26 AM

Folks,

I have Redhat Linux ES 3.0 on HP Hardware and have the following questions.If somebody answers these questions, I will be grateful.

1 I would like a create a user group called 'projectusers' and it contains around 10 users. This individual user(member of projectusers) can login into the machine but s/he should not create, modify files.How can I do that on group level? (ie) The whole group shouldn't create,modify the files when they login but they can su to some group id's.

2 I would like to create another group called 'webadmin' and all web related software will be installed under this account.When I create a group called 'webadmin', Is it necessary to create a userid called 'webadmin'? Because the above users(projectusers) should su to webadmin to work. I want to add some of the members of projectusers to webadmin group and it helps them to su to webadmin.How can I do that?

3 I want to restrict the projectusers and webadmin members to su to root.How can I do that?

I know , these questions are big but I am in a delegate situation to learn these stuffs.Any help will be highly appreciated.

Thank you,

Robot

unSpawn · 09-25-2004, 07:24 AM

1\..*This individual user(member of projectusers) can login into the machine but s/he should not create, modify files.
First of all, then please explain the purpose of having ro users. Knowing the purpose usually dictates a less generic answer. Not being able to write means no shell history, no email, no nothing. Anyway, the short answer lies in changing permissions on user and group-owned files and dirs and setting the user and group umask (unless you can use extended ACL's).

2 When I create a group called 'webadmin', Is it necessary to create a userid called 'webadmin'?
AFAIK that's the default policy for RHL to also create a user. If it doesn't, you should.

Because the above users(projectusers) should su to webadmin to work.
Yes. Groups can't "su" :-]

I want to add some of the members of projectusers to webadmin group and it helps them to su to webadmin.How can I do that?
On creating group specifying additional group user should be added to. If afterwards, using useradd or vigr.