h t restrict user permission?
Hi Guys,
i am trying to restrict user access to files by making him belong just to apache group, issued the following command : usermod ktouati -g apache i created a test file: -rw-rwx--- 1 root apache 7 Jun 11 07:38 test and i can't see why ktouati can access the "test" file, once in it says permission denied. thank you for any help! |
Quote:
File type is first bit. First three positions are for owner rights Second three positions are for group rights Third three positions are for others rights. So owner is root, but ktouati is in the apache group, which has full rights to the file. So opening it isn't a problem. Not sure what you mean by "once in it says permission denied"...what do you mean? What are you doing to test it? |
check wheather the user is added in apache group /etc/group
usermod -g apache <username> |
Quote:
|
May be ... it will help
To tell you the truth, you must understand how UNIX file permissions works, first. And it is really too much to type. You can try Evi Nemeth books or "Learn Linux" series DVD, they are very good on explaining this stuff. There are things like sticky bits that play role, also would you like to use a standard unix permission model or extended (they are very different in both design and commands)
In short if user permissions are sufficient, it will ignore all other permissions and so on, but in practice, you really must figure out the way it works because it will affect EVERYTHING you do in Linux. |
Also, if you add a user to a group, that user must log out and thern log back in (or use the newgrp command) before the new group membership will be applied to them.
|
Hi Guys,
thanks for all that suggested solutions, actually i was to ask how to check that a user is added to a group. but i noticed that Ajay is typing the command in a different way that i did: usermod -g apache <username> i did type like this usermod <username> -g apache. once i typed the command correctly logged out and back in, it's working, thanks Ajay! and you all! but i'm still wondering is there a command to troubleshoot and see if a user is added to a group? |
Quote:
Code:
|
Thank you very much Guys!!
|
All times are GMT -5. The time now is 12:48 AM. |