Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am a very newbie at linux. The Linux Engineer went back to school .. and I have been left with holding the bag. So ... here I am.
I am running Ubuntu flavour of Linux.
I would like to restrict access to certain directories for certain users. How do I set this up ?
I have 10 directories, D1 - D10
There are 15 developers (Software Engineers) SE1 - SE15
SE1 - SE10 have access to Directories D1 - D7
SE7 - SE15 have access to directories D5 - D10
(Basically SE7,8,9,10 have access to all the directories)
All the developers access the Linux server via SSH. Or via command line from the "DOS prompt" on their windows work stations.
One easy way would be to make two groups. one for d1-d7 and another for d5-10. Then assign permissions for the each group. and for access to all dir for se7,8,9,10 just make them a member of Both groups.
In the /etc/group file I have a group defined as follows
G5:x:1023:SE1,SE2,SE3,SE4,SE5,SE6,SE7,SE8,SE9
G6:x:1024:SE1,SE2,SE3,SE4,SE5,SE6,SE7,SE8,SE9,SE10
G7:x:1024:SE5,SE6,SE7,SE8,SE9,SE10
I have changed the group owner for D5 to G5 and D6 to G6
chgrp -R G5 D5
chgrp -R G6 D6
Then I changed the permission for directories
chmod 760 D5
chmod 760 D6
... which gives persmission to the group owner.
I would like to give permission to the individuals in the group. I tried chmod 777, 775, 765. I am trying to figure out how the chmod works. What should I use so that only G5 has access to D5 ?
-rwxrw---- [for a file]
drwxrw---- [for a directory]
That doesn't seem right. "x" permission (execute) on a file makes the file, well, executable (ie like a program or script). "x" permission on a directory allows to descend into the directory and any of it's subdirectories.
So, it should be something like:
rwxrwx--- [for an executable file]
rw-rw---- [for a regular file]
rwxrwx--- [for a directory]
drwxrw---- [for a directory]
Next, assume r=4, w=2 and x=1 and that the first three are access to the user that owns the file, the second three are for the group owning the file and the last three are for everyone else.
So, a little simple math shows you that:
rwxrwx--- => rwx for user: r+w+x=7, same for group, --- = 0 for everyone else. Hence, chmod 770 some_directory.
-R makes chmod work recursively on all files and subdirectories of the mentioned directory.
Another way to use chmod is via symbols (read "man chmod" for details). An example would be:
chmod g+rwx some_directory
This gives the group (g) rwx (read-write-execute) permission.
That doesn't seem right. "x" permission (execute) on a file makes the file, well, executable (ie like a program or script). "x" permission on a directory allows to descend into the directory and any of it's subdirectories.
So, it should be something like:
rwxrwx--- [for an executable file]
rw-rw---- [for a regular file]
rwxrwx--- [for a directory]
drwxrw---- [for a directory]
Next, assume r=4, w=2 and x=1 and that the first three are access to the user that owns the file, the second three are for the group owning the file and the last three are for everyone else.
So, a little simple math shows you that:
rwxrwx--- => rwx for user: r+w+x=7, same for group, --- = 0 for everyone else. Hence, chmod 770 some_directory.
-R makes chmod work recursively on all files and subdirectories of the mentioned directory.
Another way to use chmod is via symbols (read "man chmod" for details). An example would be:
chmod g+rwx some_directory
This gives the group (g) rwx (read-write-execute) permission.
Be careful that no files are owned by root.
Thanks for that. I just noticed I used a 7 instead of a 1 and used the word full instead of execute.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.