Hide File Systems From User
I was wondering if it was possible to hide the File Systems from a user. So when then browse through folders or choose to save something the default folder is their "home" folder. I am using SAM Linux distribution and don't want my users to be able to screw anything up! I use thunar as my file manager and was just wondering if it is possible?
-Any help would be appreciated, Andrew |
Most (all?) system directories are already set so ordinary users cannot write to them.
Users home directories can be set to permissions of 700 (the default is sometimes 755, depends on distro), which means that only the owners of those directories can read from them or write to them. Understanding Linux file permissions Welcome to LQ! |
I was hoping that the user could only see and use their users folder so instead of having access to filesystems/home/"user" they would just have access to "user" and would not be able to edit or even view any of the filesystem folders such as bin, boot, dev etc.. Is it possible to do this with permissions? I was under the impression that permissions only worked for individual folders and subfolders not the whole file system.
also, if i make my users have no rights for their tmp folder will this mess everything up because the os won't have permission to store date in it? Thanks for everything, Andrew |
You can do so with a 'chroot jail'. I suggest you to search for those terms and come back if you need some extra help ;)
|
chroot jail looks good!
I think chroot jail is what I want, Iv looked into it and it is promising (and intense!!).
However after reading up on it, don't you have to copy some of the directories such as bin and you shared directory (which was what I was trying to hide initially)? for example if I used chroot and made the root directory "user" and didn't copy over any of the other directories would i be able to use my applications still? |
Can anybody help shed some light on this?
|
When you are into a chroot nothing outside of it is accessible, that's the whole point of chrooting, and there's no way to run something if you can't first read it from the disk. So I doubt that you have many alternatives.
|
hmm looks like I'll have to try it out then. Thanks for the reply!
|
Quote:
Just to re-iterate that those chrooted users won't be doing much. |
Hi,
Quote:
You can look but don't touch. If permissions are setup then the browsing is going to do nothing. Your system should be setup so as the user has his '~'. Outside of that unless you provide permissions or passwords to access su rights then what do you expect that user to do? A user if they are allowed to browse (read) but no write then what will happen? Nothing! If you setup global access then that's your fault. If the user breaks something in their environment then that will be recoverable. Just remember, no rights then no writes. :) |
stupid question but what do you mean by their "~"? I think I will have to settle with changing permissions (I just didn't want them to be able to see the directories because its for old people and i don't want them getting confused):)
Thanks! |
"~" means "home directory", it's equivalent to "$HOME", usually somewhere under /home/
|
Hi,
Quote:
I can see your need but as I said it before 'rights to write' then you could 'rights to read'. :) |
All times are GMT -5. The time now is 12:13 AM. |