Why should writing to my own home folder require elevation (Ubuntu Server 10.04)
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Why should writing to my own home folder require elevation (Ubuntu Server 10.04)
This is my first time configuring server Linux (Ubuntu Server 10.04). So far, I have created only one user login for administration. I've noticed I can't write to my own home folder without elevating to root status. This means that almost any process I launch needs to be run with sudo, even creating a text file.
I can see that the user and group for my /home/username folder are both "root", I'm assuming there is a reason. I'm pretty sure adding my login name to the "root" group would have unintended security consequences, such as being able to edit configuration files without elevation. Can I change the owner or the group on my home folder without making those files inaccessible to system processes that expect to access them (since under Ubuntu, my user login is a surrogate root account). I.E., is there a reason editing the content of my own root folder should require elevation?
Can you explain in more detail how you created that user? About /home subdirectories and subdirectories and files they contain - they should have owner and group of belonging user and permissions rwx for owner of course. The rest as you wish.
Flang3r: Right, I understand I can change ownership, I just wanted to ask if there was any reason I shouldn't. eSelix: What I mean by surrogate is that root logins are disabled in Ubuntu, any user in the sudoers can get root privileges provided they have the password. Since there is no /root folder, I wanted to make sure it is OK to tinker with privileges in my own home folder. It's the account that was created when I installed the system.
Actually it is strange, when you create an account when installing system, home folder always belongs to that user. Maybe you were doing something that required root access, switched to the root user, accidently or on purpose, deleted user's home folder and then recreated it?
Afaik there is no reason not to change user joe's homedir's ownership to joe
Flang3r: No, never deleted the original account. The only odd thing I've done is mount an external SATA drive at /home . The box is a pre-owned HP Prolient dual Xeon DL-380 Gen 3 rack mount. Rather than add additional SCSI drives (this is for home experimental use), I had a PCI-X compatible SATA controller and a 750Gb drive I never got to work on my old P4s. I'm powering it for now from the external brick from one of those IDE/laptop_IDE/SATA to USB test adapters (if anybody knows how to access +5 and +12 rails inside a rack server, I would be grateful). I'm pretty sure I was having this problem before I plugged in, partitioned, formatted, and mounted the drive, but I'm not sure. Thanks for verifying it won't hurt to take ownership of my own home folder.
root logins are disabled, but account is fully functional, for example some services start as root, you can "su" (switch user) to root, etc. If you have no /root folder it can be wrong if in /etc/passwd file this directory is written as home for root, because some programs working on root account possibly may need to use his home folder.
As you see, incorrect permissions in user home directory lead to problems. You need to change ownership of these directories and its content to proper user (like Flang3r wrote but also give -R option for recursion). And when root create file or directory in user folder he should take care to change its ownership and/or permissions, without that only root can write to it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.