Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
04-23-2006, 04:35 AM
|
#1
|
LQ Newbie
Registered: Dec 2005
Posts: 20
Rep:
|
Users and permissions
Hi,
I intend on having one user account that has minimal permissions which can be used for two things:
a. running apps using screen
b. acting as an account for vsftpd to use when running
I started by making an account by using useradd and passwd to set it up, but it would seem the new user is not allowed to use screen, I get an error saying "Cannot open your terminal '/dev/pts/0' - please check." How can I fix this? and is there anything else I should do to reduce the abilities of this account?
Thanks,
Tom
|
|
|
04-23-2006, 08:44 AM
|
#2
|
LQ Newbie
Registered: Apr 2006
Posts: 17
Rep:
|
what exactly are you typing at the prompt?
is screen essential?
what is the root reason why are you doing this?
|
|
|
04-24-2006, 07:08 AM
|
#3
|
LQ Newbie
Registered: Dec 2005
Posts: 20
Original Poster
Rep:
|
screen is essential
I am typing screen ./sc_serv I need the shoutcast server to sit in a screen by itself.
Thanks,
Tom
|
|
|
04-25-2006, 10:59 AM
|
#4
|
LQ Newbie
Registered: Apr 2006
Posts: 17
Rep:
|
why cant you just use an xterm and su to the other user?
you didn't answer my question about the root of your problem.
|
|
|
04-29-2006, 04:41 PM
|
#5
|
LQ Newbie
Registered: Apr 2006
Posts: 17
Rep:
|
i'm not sure what you mean by "an account with minimal permissions". in linux/unix/etc users have user permissions. they can only have access to other things (in general) if they belong to groups. users and groups don't "get" permissions like in windoze land. files have access based on their mode, as in chmod (change mode). if an app or file has read/execute permissions, 755 for example (meaning "other" may read and execute that file (or decend the directory if the file is a directory), anybody can read/execute that file.
see man chmod, man ls (look for info on -l (ell) option)
as for using screen, i don't think it will buy you anything that simply using an addl xterm won't. if you want it on a particular virtual desktop, move it there or create it there. if you want that xterm to think you are a particular user, su otheruser.
clear?
Last edited by pen8wen; 04-29-2006 at 04:42 PM.
|
|
|
04-29-2006, 05:26 PM
|
#6
|
Member
Registered: Sep 2005
Location: Old Blighty
Distribution: Slackware, NetBSD
Posts: 536
Rep:
|
Quote:
as for using screen, i don't think it will buy you anything that simply using an addl xterm won't
|
screen is very different from simply running an app in an xterm. You can detach it and log back in later, from another computer etc. Also, the program will not die if the X server crashes/exits.
Quote:
b. acting as an account for vsftpd to use when running
|
You shouldn't really be using the same account for running a server. Create a separate account for vsftpd.
|
|
|
04-30-2006, 01:14 AM
|
#7
|
LQ Newbie
Registered: Dec 2005
Posts: 20
Original Poster
Rep:
|
ioerror is right, that's why I wish to use screen.
Thanks, pen8wen for the info on how linux permissions work.
So any ideas as to why screen doesn't work as this other user?
Thanks,
Tom
|
|
|
04-30-2006, 06:26 AM
|
#8
|
Member
Registered: Sep 2005
Location: Old Blighty
Distribution: Slackware, NetBSD
Posts: 536
Rep:
|
Quote:
"Cannot open your terminal '/dev/pts/0' - please check."
|
I assume you can use screen OK as your regular user, so this is probably some permissions problem, though exactly what is not immediately obvious. One useful thing to do is to run the program under strace, that will tell you what it's trying to do when it fails (well, presumably trying to open /dev/pts/0 but the error value from the kernel will give a specific reason why it can't).
|
|
|
04-30-2006, 06:34 AM
|
#9
|
Member
Registered: Sep 2005
Location: Old Blighty
Distribution: Slackware, NetBSD
Posts: 536
Rep:
|
Oops, posted same msg twice, sorry. Damn firefox.
Last edited by ioerror; 04-30-2006 at 06:38 AM.
|
|
|
04-30-2006, 06:56 AM
|
#10
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
Quote:
"Cannot open your terminal '/dev/pts/0' - please check."
|
Log into the (pts/0) virtual terminal as your user and try again. There is an option to the bash shell that reduces the commands that can be run. It is something you might do in a chroot jail. If you create a user for this, you could create a custom .bash_login and .bashrc so you can control the paths and environment. If you make these files owned by root, and only readable by your user, this can prevent alteration by someone breaking into that account. However, since the directory is owned by this user, they can be deleted, unles you use the sticky-mode for this users directory.
Look in the info bash pages, in section 6.2 on the Restricted Bash Shell.
I think that in the /etc/password file you use "/bin/bash -r" as the users shell, that can restrict the user to using this shell.
Last edited by jschiwal; 04-30-2006 at 10:04 PM.
|
|
|
All times are GMT -5. The time now is 01:39 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|