Share configuratin dir (.dir) for 3 accounts on local computer
Happy new year to all of you. :D
I want to share an configuration folder for an group where i can't specify in which directory to store the configuration. Which is true for the most of all apps i think. I made it this way and think this is not the best way (security): + group "<softuser>" holds the users for access to "<program>" + chmod 750 for /usr/bin/<program> + added shell-script "/usr/bin/<program>-start" in with chmod 750,chown root,chgrp "<softuser>" content: #!/bin/sh # chgrp <softuser> -R /opt/<programdir>/.<program-config> chown root -R /opt/<programdir>/.<program-config> # <--- user can't change owner to root !!! chmod 770 -R /opt/<programdir>/.<program-config> /usr/bin/<program> so user can now start program with "<program>-start" and has access to same documents which another user modified/created etc. This is what i want. Full Acess for everyone in the group but only in this dir. I tried 's' flag for <program> but the rights are only then for the specific user. I thought it will be using the group context but it sets the group to the user-group, how it should be, but not what i want in this case. I need this on my single-pc. No network access. I have 3 accounts and want them to share this directory for the application only. Any 'good' advises how to setup something like this in a professional and secure way ? I forgot to write the reason why it is not a good solution is that the files will be stored with user/usergroup rights so that another account has no access. How said above this is ok but not for my purpose. Thank you. |
NOTE: This is only an untested theory.
You could create a "shared user" and have all users run the program as that user. Put in /etc/passwd file. shareduser::10000:10000:User to run program:/opt/programdir:/bin/bash chown shareduser:shareduser /opt/<programdir> chmod 770 /opt/<programdir> In your startup script: #!/bin/sh # su -c /usr/bin/<program> shareduser |
Quote:
it might be easier to write a script which will execute after every lougout for the 3 users to change the group so that any user has access to the documents which were created by the others. But .bash_logout does only work for the console. I need something for the gui Gnome/KDE or which desktop will ever be used in the future. Maybe you have another good idea. Thanx anyway. |
d:-(
Yoo. Dat wars dann wohl. :-(
|
Well howanout substituting su with kdesu or some gnome alternate? It will then ask for the password with a fancy GUI box..
|
Quote:
|
All times are GMT -5. The time now is 01:03 AM. |