Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-23-2007, 08:32 AM
|
#1
|
Member
Registered: Aug 2006
Distribution: Ubuntu, CentOS
Posts: 31
Rep:
|
chmod / setuid
Hello,
General enquirey please -
i have a folder /root/testdir/ with permissions set as :
Code:
drwxr-xr-x 2 root root 4096 2007-10-23 12:50 test/
if i want only the user 'testuser' to have read/write/execute permissions on this directory what command would i use?
Thankyou in advance.
|
|
|
10-23-2007, 08:52 AM
|
#2
|
Member
Registered: Oct 2007
Location: Norway
Distribution: Slackware 14.1
Posts: 446
Rep:
|
Well, first, to access that folder, testuser would need to be a root user to access /root. Since everybody who can access /root is a member of root, you can't block someone out of /root/testdir. I don't know what your up to, learning or actually block everyone but testuser out of one folder. Notice that root and other members of the root-group always will have access to everything, so as long as this folder is in /root/ you will not be able to test it out properly. And to clear things up. You can't stop root from accessing things.
So, if learning is what you want, I suggest to move the directory to /tmp or /home or some other place.
Anyhow you can achieve to block everyone but testuser out of a directory like this:
chown testuser testdir
group to something, ie testgroup (Actually optional, but it's nice to do it)
chgrp testgroup /root/testdir
This could be done in one command
chown testuser.testgroup /root/testdir
Make sure testgroup exist.
Then change the modes:
chmod u=rwx,og= /root/testdir
That will set rwx for user (testuser) and nothing to the group and others.
Last edited by Dinithion; 10-23-2007 at 08:54 AM.
Reason: Typos
|
|
|
10-23-2007, 09:20 AM
|
#3
|
Member
Registered: Aug 2006
Distribution: Ubuntu, CentOS
Posts: 31
Original Poster
Rep:
|
Hello,
Thanks for the reply, very much appreciated. However, i feel i should revise my original question. (p.s. i am trying to learn and not cause any malicious damage to a system, so my appologies for using /root/testdir as an example).
What i would like to know is this :
If i have any folder at all, e.g. /test/testdir and the permissions are set to :
Code:
drwxr-xr-x 2 cmc cmc 4096 2007-10-23 14:12 testdir
How would i allow read/write/execute access to this folder to only one other user? For example, with the folder above, the users root and cmc have access just now, however i wish for another user called 'testuser' to have read/wrte/execute permission on this folder also, so that only the users root, cmc and testuser have read/write/execute access to this folder, and no other users can write to it. If possible, i would like to avoid changing the owner or the group of the folder /test/testdir/
Thankyou in advance.
|
|
|
10-23-2007, 09:45 AM
|
#4
|
Member
Registered: Oct 2007
Location: Norway
Distribution: Slackware 14.1
Posts: 446
Rep:
|
Well, thats the deal with *nix filesystem. They have a really straightforward policy. Either your owner, in the group or your someone else. So in this case, you have some solutions, but none like you are seeking.
1. You could have to create a group, and put cmc and testuser in to this group and change the group of the folder. (What you didn't want but it works).
Pros: Can be extended with more people to access file.
Cons: You have to change the group.
2. If you have one group for each user (It looks like you have), you can change the group to testuser.
Pros: You achieve what you want
Cons: You have to change the group.
3. Start using ACL. This is somewhat the same as the one you find in Windows. You can add more users with read/write permissions, without changing the owner, add groups with read/write, and do a lot of funky stuff. This should cover your needs.
Pros: You achieve exactly what you want. Its flexible, and ideal for fileservers, nfs, multiusercomputers sambashares etc.
Cons: You have to install software and enable ACL in the kernel (If it's not already activated). It's a bit more confusing then the traditional rwx, but its toppers when you first get it. Another con that I'm not sure of is the security of this system. I can't see any real danger or flaws, but who knows?
|
|
|
10-23-2007, 09:52 AM
|
#5
|
Member
Registered: Aug 2006
Distribution: Ubuntu, CentOS
Posts: 31
Original Poster
Rep:
|
Dinithion thanks very much for all the help and advice, i really appreciate it.
|
|
|
All times are GMT -5. The time now is 02:56 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|