|
Sharing a directory with a regular user (with write permission)
I decided that I want 2 users to share a home directory, so that their config files ( ~/.* ) are identical. That is, my regular user account, and root. No problem, just a simple change in /etc/passwd, and recursively chown the shared directory to the regular user.
But whenever root writes a new file in the shared home directory, the regular user doesn't get permission to write to that file, obviously. I have to chown or chmod it, as root. I know there has to be an easier way of doing this. Setup a group maybe? I'm not sure exactly how this works though, because I've only ever used the computer for personal purpose, never shared. And then setguid for this directory? But how can I get it to work recursively, so that all files created within will get permission 770? Not chaging root's umask, because I don't want the regular user to have permission outside the home directory, as normal. How is it done? |
Did you try to create a separate File System and mount it with a GID ?
Example: /dev/hdb5 /DateGRP200 raiserfs gid=200,umask=0007,user,exec 0 0 200 is the ID of the group where the "allowed" users belong to. If your /home directory happens to be on your / filesystem, then putting root and your "normal" user in one group will not help you too much (except you change their primary group). |
I did think about that. But surely there has to be a way, without creating a seperate filesystem... ?
|
|
This is really a Bad Idea. You shouldn't need any configuration settings as root besides maybe your bash profile and what not. Surely you are not running X as root?? Or any GUI mail suites, etc, etc. The only reson to use the root account is to modify the system in ways that is forbidden to users. Otherwise run as user all the time. su to root when necessary. I am sure DE's like KDE and Gnome provide GUI ways to temporarily become root to use certain tuning utilities as well (can't remember, it's been awhile since I used either).
I don't run any X based software as root. Any security flaws they might have will be magnified 100 fold if the user running them is root. I su to root from a command line to modify config files, play with the kernel, etc and then exit back to my user. By trying to combine anything your no_permission_having_user does, with your all_powerful_root_account is again, a Bad Idea ;) Here is the entire listing of my root ~/ root@tuxbook:~# ls -a . .bashrc .keep .rnd .xauthC0djVo .xauthYPDPzT .xauthnDsfOX .. .config .mcop .ssh .xauthKEPXuj .xauthdmmDFy .xauthrmozUS .ICEauthority .dvdcss .mcoprc .viminfo .xauthM0VzwS .xauthgDjClf .xauthsQiCOW .Xauthority .fonts.cache-1 .nessusrc .xauth23J5bB .xauthRpAjlA .xauthhHMNXW .xinitrc .bash_history .hcwd .xauth3jUCgk .xauthUfSJ2t .xauthkzSlB8 Nothing in there my user needs, and no reason for root to have all my X based configs. There are ways to do what your asking, but none are close to being good security practice. |
Yes, I was aware that it was a bad idea. That's why I explained that one of the users sharing would be root.
Logging in as root at graphical login, yes. I should never do that at all either? I did it because it was easier than su'ing all the time, and so that I could easily have graphical programs (such as konquerer, for file browsing) running as root. Really? KDE provides a graphical way to become root? Yes, that would be much easier than sharing config files. Anyone tell me how to do that? Thanks for advice ^^ |
Quote:
Quote:
Personally, I run Fluxbox and all configuration is done from the command line so I just can't remember much more for you sorry. |
| All times are GMT -5. The time now is 12:58 AM. |