-   Linux - Security (
-   -   Password Protected Directories (

TheSockMonster 05-27-2002 08:24 AM

Password Protected Directories
Is it possible to password protect individual directories without having to define multiple users?
I'm using Mandrake 8.2.

Any help would be much appreciated.


sewer_monkey 05-31-2002 01:16 PM

If you don't understand my explanation at first, please read the manpages of the commands I listed at the bottom.

If you just want to password-protect a directory, then set its group to, say, "private". You will also need to create a password-protected group with the same name first. Also make sure the world permissions on that directory are set to 0 or "o-rwx" (i.e. no permissions). The group permissions should be set to 5/"g+rx-w" (read-only) or 7/"g+rwx" (full access).

Then, to access the protected directory, instruct your users to switch to the "private" group using the "newgrp private" command, which will prompt them for the password of the group "private". Once the user switched to the group "private", he/she will have access to the protected directory. Do not add any users to that group. If a user is listed as a member of a group, he/she can switch to that group without a password.

Here's an example of a procedure (has to be done as root):

[root@amazon /]# groupadd private
[root@amazon /]# gpasswd private
Changing the password for group private
New Password:
Re-enter new password:
[root@amazon /]# mkdir private_dir
[root@amazon /]# chown -v :private private_dir/
changed ownership of `private_dir' to :private
[root@amazon /]# chmod -v 770 private_dir/
mode of `private_dir' changed to 0770 (rwxrwx---)

The end users will then have to use the newgrp command to log into the group account "private" and access the directory.

To create a new group, see groupadd.
To set the group password, see gpasswd.
To change the permissions on directories and files, see chmod.
To change the ownership of (the user and group that owns) the file/directory, see chown.
To switch groups, see newgrp.
To see what groups you belong to, see id.

Noerr 05-31-2002 05:07 PM

I always wondered if there is a way to do that through samba?
for windoze users, but I guess it isn't

All times are GMT -5. The time now is 05:31 AM.