LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   h t restrict user permission? (https://www.linuxquestions.org/questions/linux-newbie-8/h-t-restrict-user-permission-813585/)

abdoullah 06-11-2010 11:22 AM
h t restrict user permission?
 
Hi Guys,
i am trying to restrict user access to files by making him belong just to apache group, issued the following command :
usermod ktouati -g apache

i created a test file:
-rw-rwx--- 1 root apache 7 Jun 11 07:38 test

and i can't see why ktouati can access the "test" file, once in it says permission denied.
thank you for any help!

TB0ne 06-11-2010 01:52 PM
Quote:
Originally Posted by abdoullah (Post 4000399)
Hi Guys,
i am trying to restrict user access to files by making him belong just to apache group, issued the following command :
usermod ktouati -g apache

i created a test file:
-rw-rwx--- 1 root apache 7 Jun 11 07:38 test

and i can't see why ktouati can access the "test" file, once in it says permission denied.
thank you for any help!
Permissions are:

File type is first bit.
First three positions are for owner rights
Second three positions are for group rights
Third three positions are for others rights.

So owner is root, but ktouati is in the apache group, which has full rights to the file. So opening it isn't a problem. Not sure what you mean by "once in it says permission denied"...what do you mean? What are you doing to test it?

Ajay Singh Tilawat 06-12-2010 01:03 PM
check wheather the user is added in apache group /etc/group
usermod -g apache <username>

TB0ne 06-12-2010 02:19 PM
Quote:
Originally Posted by Ajay Singh Tilawat (Post 4001349)
check wheather the user is added in apache group /etc/group
usermod -g apache <username>
The OP said he did that already...read his first post.

myposts 06-12-2010 02:35 PM
May be ... it will help
 
To tell you the truth, you must understand how UNIX file permissions works, first. And it is really too much to type. You can try Evi Nemeth books or "Learn Linux" series DVD, they are very good on explaining this stuff. There are things like sticky bits that play role, also would you like to use a standard unix permission model or extended (they are very different in both design and commands)
In short if user permissions are sufficient, it will ignore all other permissions and so on, but in practice, you really must figure out the way it works because it will affect EVERYTHING you do in Linux.

btmiller 06-12-2010 02:39 PM
Also, if you add a user to a group, that user must log out and thern log back in (or use the newgrp command) before the new group membership will be applied to them.

abdoullah 06-14-2010 08:21 AM
Hi Guys,
thanks for all that suggested solutions, actually i was to ask how to check that a user is added to a group.
but i noticed that Ajay is typing the command in a different way that i did: usermod -g apache <username> i did type like this usermod <username> -g apache.
once i typed the command correctly logged out and back in, it's working, thanks Ajay! and you all! but i'm still wondering is there a command to troubleshoot and see if a user is added to a group?

vikas027 06-14-2010 08:24 AM
Quote:
Originally Posted by abdoullah (Post 4003066)
but i'm still wondering is there a command to troubleshoot and see if a user is added to a group?

Code:

grep username /etc/group

abdoullah 06-14-2010 09:11 AM
Thank you very much Guys!!


All times are GMT -5. The time now is 12:48 AM.