LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 12-06-2016, 04:12 PM   #46
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148

http://unix.stackexchange.com/questi...ww-with-vsftpd


VSFTP chroot or jail users – limit users to only their home directory howto



Allowing FTP Access to Files Outside the Home Directory Chroot


yep, you're going to have to use your brain to figure out some of this stuff.

calling yourself stupid and telling yourself you can't do this or that is bad, stop bad.

Last edited by BW-userx; 12-06-2016 at 04:14 PM.
 
1 members found this post helpful.
Old 12-06-2016, 04:13 PM   #47
ParanoiaUser
Member
 
Registered: Jun 2013
Posts: 40

Original Poster
Rep: Reputation: Disabled
Can you guys stop worrying about stuff thats not related to what i am asking ?

I WANT this user to be in the other's home, there are only 2 users on this machine, just answer my question with clear modifications i need to make and stop worrying about things i am not asking about.

"what does your chroot configuration for this user look like?"

user2:x:1001:1001:,,,:/home/user1/randomfolder:/bin/bash

user2 has SSH deny.

Quote:
Originally Posted by BW-userx View Post
http://unix.stackexchange.com/questi...ww-with-vsftpd


VSFTP chroot or jail users – limit users to only their home directory howto



Allowing FTP Access to Files Outside the Home Directory Chroot


yep, you're going to have to use your brain to figure out some of this stuff.

calling yourself stupid and telling yourself you can't do this or that is bad, stop bad.
I've already done that man....i dont need to chroot the user, its done, i dont need access outside of the user's home directory....i am not asking for this.

See:

Quote:
Originally Posted by ParanoiaUser View Post
Guys, let me explain in more detail.

I have user1 with SFTP+SSH access to a machine.
User1 runs processes and creates files in home/user1/foldername

User2 has FTP only access, no sftp or ssh and is chrooted to home/user1/foldername

Having:

user1:x:1000:user2
user2:x:1001:user1

set in etc/group.

When user1 creates a file in home/user1/foldername, user2 will not be able to modify that file.

Note that: home/user1/foldername is user2's home.

I need both user1 & user2 to have read,write&execute(if execute is needed to delete a file) permissions on all files located in home/user1/foldername !BUT! also future files & folders + subfolders that will get created there, for example: home/user1/foldername/newfolder/newfile.txt

Last edited by ParanoiaUser; 12-06-2016 at 04:21 PM.
 
Old 12-06-2016, 04:37 PM   #48
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Quote:
Originally Posted by ParanoiaUser View Post
Can you guys stop worrying about stuff thats not related to what i am asking ?

I WANT this user to be in the other's home, there are only 2 users on this machine, just answer my question with clear modifications i need to make and stop worrying about things i am not asking about.

"what does your chroot configuration for this user look like?"

user2:x:1001:1001:,,,:/home/user1/randomfolder:/bin/bash

user2 has SSH deny.



I've already done that man....i dont need to chroot the user, its done, i dont need access outside of the user's home directory....i am not asking for this.

See:
did you even look at what I did? gave a dir a certain permission where they both could create, read, write but only write to there own files.
 
Old 12-06-2016, 04:39 PM   #49
ParanoiaUser
Member
 
Registered: Jun 2013
Posts: 40

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by BW-userx View Post
did you even look at what I did? gave a dir a certain permission where they both could create, read, write but only write to there own files.
I want them to write to each other's files, i want them to have identical permissions, if user1 creates a file user2 should be able to do whatever he wants with it, read, write, delete, whatever.

Last edited by ParanoiaUser; 12-06-2016 at 04:42 PM.
 
Old 12-06-2016, 04:43 PM   #50
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Code:

 cd testpermissions
userx@voided1.what/run/media/userx/WD3TB/testpermissions>> ls
userx@voided1.what/run/media/userx/WD3TB/testpermissions>> touch userxfile
userx@voided1.what/run/media/userx/WD3TB/testpermissions>> echo "userx file" > userxfile
userx@voided1.what/run/media/userx/WD3TB/testpermissions>> ls
userxfile
userx@voided1.what/run/media/userx/WD3TB/testpermissions>> echo "userx added this to bobs file" >> bobsfile
bash: bobsfile: Permission denied


userx@voided1.what/run/media/userx/WD3TB/testpermissions>> su bob
Password: 
[bob@voided1 testpermissions]$ touch bobsfile
[bob@voided1 testpermissions]$ ls
bobsfile  userxfile
[bob@voided1 testpermissions]$ echo "this is bob" > bobsfile
[bob@voided1 testpermissions]$ ls
bobsfile  userxfile
[bob@voided1 testpermissions]$ cat bobsfile
this is bob
[bob@voided1 testpermissions]$ rm *
rm: remove write-protected regular file 'userxfile'? y
[bob@voided1 testpermissions]$ ls
[bob@voided1 testpermissions]$
files are now all gone

Last edited by BW-userx; 12-06-2016 at 04:45 PM.
 
Old 12-06-2016, 04:48 PM   #51
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
775 permission, does not allow this, you do not even understand basic permissions?

that is what you said you wanted. a different user falls under 'other'

if you want everybody to be able to do everything to any file within that dir then look up permissions, and how to set them. get the one that allows everybody to do anything to everything. 666 but ..... you'd better read this first

http://linuxcommand.org/lts0070.php

set up your ftp to allow user file

Last edited by BW-userx; 12-06-2016 at 04:50 PM.
 
1 members found this post helpful.
Old 12-06-2016, 04:51 PM   #52
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
actually this is what you first stated
Quote:
If user1 creates a file, user2 will not have write permission for that file when connected to FTP.
that is what I figured out for you.

now you are saying this.

Quote:
I want them to write to each other's files, i want them to have identical permissions, if user1 creates a file user2 should be able to do whatever he wants with it, read, write, delete, whatever.
Make up my mind.

Last edited by BW-userx; 12-06-2016 at 04:55 PM.
 
Old 12-06-2016, 04:56 PM   #53
ParanoiaUser
Member
 
Registered: Jun 2013
Posts: 40

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by BW-userx View Post
actually this is what you first stated
that is what I figured out for you.

now you are saying this.



Make up my mind.
They both mean the same thing, i am saying user2 does not have write permissions to that file, thats the problem, i want him to have write permission to the file user1 has created.

Last edited by ParanoiaUser; 12-06-2016 at 04:58 PM.
 
Old 12-06-2016, 05:02 PM   #54
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Use chmod -R 755 /opt/lampp/htdocs if you want to change permissions of all files and directories at once.
Use find /opt/lampp/htdocs -type d -exec chmod 755 {} \; if the number of files you are using is very large. ...
Use chmod 755 $(find /path/to/base/dir -type d) otherwise. Better to use the first one in any situation.


now figure out what permissions you need to actually put on your dir
 
Old 12-06-2016, 05:14 PM   #55
ParanoiaUser
Member
 
Registered: Jun 2013
Posts: 40

Original Poster
Rep: Reputation: Disabled
If i change the permissions, when new files / folders are created i'll have to change them again, this wont work for me, it must be automatic.
 
Old 12-06-2016, 05:21 PM   #56
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (current), FreeBSD, Win10, It varies
Posts: 9,952

Rep: Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148Reputation: 2148
Quote:
Originally Posted by ParanoiaUser View Post
If i change the permissions, when new files / folders are created i'll have to change them again, this wont work for me, it must be automatic.
hum, try having it run a script every time someone does something to change it.
have it run at log out, trying using mmmmmmmm -R mmmmm

try adding a user ftp that has rights to kill just about everything in the sys then only them that have that group can do what you want them to within that dir strut.


use this as a template

Code:
Using Unix Groups

Most users will want to be able to modify their content without being root.
The easiest way to achieve this is through the use of Unix Groups; you create
a group to which you add your content editing user, then you add the httpd 
user to that group.

Note that this doesn't easilly extend to more than one user who needs to
edit the files, since at that point you need to set Group write on the files.
One would need to use ACL's to achive this.

For example, we have a user "alice" who needs to edit our content, stored
in /var/www/html/

First we create the content group, then we add both alice and apache to it.

# groupadd www-content 
# usermod -aG www-content <user-name>
# usermod -aG www-content _apache

Now we need to set the right permissions on our files.

# chown -R alice:web-content /var/www/html
# find /var/www/html -type f -exec chmod 640 {} \;
# find /var/www/html -type d -exec chmod 750 {} \;

What we've done here is to set all files to 640, or rw-r----- and directories
to rwxr-x---. Because the group "web-content" is applied to all the files
and directories, httpd can read these files, but cannot write to them.
mod it to where only the users you want are attached to the dir so they can do what you want to let them do. YOU have to understand permissions, and that everything in that instruction can be changed and put anywhere in your system and it will still work. names and permissions and where it is established, that is

Last edited by BW-userx; 12-06-2016 at 05:23 PM.
 
Old 12-06-2016, 05:34 PM   #57
ParanoiaUser
Member
 
Registered: Jun 2013
Posts: 40

Original Poster
Rep: Reputation: Disabled
Quote:
Because the group "web-content" is applied to all the files
and directories, httpd can read these files, but cannot write to them.
I dont need this.

I want both users to be able to write to whatever files are in that folder.
 
Old 12-06-2016, 05:38 PM   #58
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Quote:
Originally Posted by ParanoiaUser View Post
I don't have time for useless replies
All the gum flapping, you could have fixed it by now.
You are going to have to fix it, else when user3 shows up "next" you will be right back here
demanding instant gratification.

End Transmission.

Last edited by Habitual; 12-06-2016 at 05:40 PM. Reason: yak shaving is not my thing
 
Old 12-06-2016, 05:49 PM   #59
ParanoiaUser
Member
 
Registered: Jun 2013
Posts: 40

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Habitual View Post
All the gum flapping, you could have fixed it by now.
You are going to have to fix it, else when user3 shows up "next" you will be right back here
demanding instant gratification.

End Transmission.
Useless.

You need to stop worrying about what i do when user3 shows up, how i setup SFTP or how my group permissions are chaotic or whatever the other poster called them.

More focus on the issue and give me a clear & exact step by step way of solving my problem to get 10$ BTC, simple stuff guys.

Last edited by ParanoiaUser; 12-06-2016 at 05:51 PM.
 
Old 12-06-2016, 06:35 PM   #60
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656
Your users are made incorrectly. lets delete them, and start with two new ones.

Code:
# Get rid of your broken users and groups
userdel user1
userdel user2
groupdel user1
groupdel user2

# Create new users and a COMMON group
adduser user1
adduser user2
groupadd COMMON

# Add users to the COMMON group
usermod -g COMMON user1
usermod -g COMMON user2
chown -R user1:COMMON /home/user1

# make sure sftpd config has this in it
local_umask=0002
file_open_mode=0777

# make sure schroot.conf has this in it
groups=COMMON
at that point you will probably want to reboot, since some of the services running might not update their configuration.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
changing the default permission for both directory and files to 775 with umask fermat97 Linux - Newbie 1 11-14-2014 07:02 AM
New user group permission to only three folders without being owner zilexa Linux - Newbie 8 07-09-2014 11:57 PM
Can you make any files and folders created within a directory owned by another user?? helptonewbie Linux - Newbie 13 12-14-2007 04:21 PM
Samba can create new files and folders but access denied in any new folders k.king Linux - Networking 2 01-15-2006 06:14 AM
permission 775 to all folders and sub... amer_58 Linux - Newbie 3 04-23-2005 04:21 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 11:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration