Basic permissions questions
 

Im still confused with permissions in Linux (mandrake 9)

Here is what i want, can u please tell me what perms to use on each folders ? thx

i want users to be able to log in by ftp and do what they want with their files in their directory /home/user

i want them to be locked in this directory /home/user , i dont want them to access /var , /etc or stuff like that

i want users to be able tu put html files in their folders /home/user/public_html and i want those files to be accessible from the outside.

the thing i dont understand is this one: when a user logs in by ftp, it seems that linux sees them as others and not as users...is that possible ?

can i have all those thing i want ? or is it impossible ?


Ex: if i chmod /home/* to 755
- users html files are accessible via Web (/home/user/public_html)
- users can log in by ftp and list the content of their /home dir, they can write and delete files, but they can see the other users folders by writing /home/otheruser in the location box and i dont want that.
- users can browse thru the entire system ...for example /var/www , wich i dont them to be able to

Ex: if i chmod /home/* to 711
- users html files are accessible via Web (/home/user/public_html)
- users can log in by ftp but cannot list the content of their /home dir, they cannot write files
- they can go the other users folders by writing /home/otheruser in the location box but they cannot list
- users can browse thru the entire system ...for example /var/www , wich i dont them to be able to




Thanx for your time, this is verry important for me

when you do an "ls -l" you will see something similar:
two users there - root, and rom. the ones starting with "d" are directories.
the others are all files with this "rwx rwx rwx".
read it as :
rwx rwx rwx
User Group Others

so, this "-rwxr--r-- 1 root root 15801 Dec 4 20:49 iwscanswitch.c" would mean, that the user has read,write,exec perms on the file. group and others have only read perms on it.

if you want everyone (user,group,others) to be able to do everything on this , you will say,
chmod ugo+rwx iwscanswitch.c = all users, all perms
chmod go+rw iwscanswitch.c = group+others, read+write
chmod go-rx iwscanswitch.c = take awat read/write perms for group+others.

and u get the idea.

the other way is to specify the numbers, like "chmod 755 iwscanswitch.c" which is similar to giving user all perms, and group+others permission to read+execute.

the numbers in 755 correspong to the binary equivalent of "rwxrwxrwx", taken 3 at a time. you know the first three from the left correspond to User, the middle 3 to Group, and the 3 on the right to Others.

User rwx: 000 = 0 - no perms
101 = 5 - read+exec
110 = 6 - read+write, but no exec
111 = 7 - all actions permitted .... and so on. hope u get the idea. so i get the 7 in 755 from the above to give the user rwx perms on the file.

ill stop now. hope that helps.

oh great, i just saw ur edit, andrealized i didnt have to explain all that. lol

Which ftp server are you using, Punker51? It seems you need to chroot users to their home dirs (and it's server-specific).

ProFTPD 1.2.5

I added the line

DefaultRoot /home/user user

and it seems to have solve my problem

big THX to you 2