Umask on users

**sharma251185** · 09-13-2011

Hello

Here in my organization all pc are ubuntu. Now, I want to develop umask on user.

scenario is that person (who loged in) can only access his home directory not others home directory.

Please Guide me.

**devils casper** · 09-13-2011

I am not getting your question. Isn't it default in all Linux distros that one use can not access home folders of other users?
Only user having root privileges can access all /home/ folder.

**LinuxSecurity** · 09-13-2011

Originally Posted by sharma251185

Hello

Here in my organization all pc are ubuntu. Now, I want to develop umask on user.

scenario is that person (who loged in) can only access his home directory not others home directory.

Please Guide me.

You want to use it umask of 077.

You can modify the system wide default umask for PAM authenticate users via /etc/login.defs .

I hope this helps!

-Eric

**sharma251185** · 09-14-2011

by default permissions on "/home" folder are

#ls -l /home

drwxr-xr-x 26 ashish ashish 4096 2011-09-14 10:41 ashish
drwxr-xr-x 6 ved ved 4096 2011-09-10 15:04 ved
drwxr-xr-x 5 yogesh yogesh 4096 2011-09-13 15:21 yogesh
drwxr-xr-x 2 hiren hiren 4096 2011-09-13 18:15 hiren
drwxr-xr-x 3 rahul rahul 4096 2011-09-13 18:15 rahul

Now, I want this as belove

drwx------ 26 ashish ashish 4096 2011-09-14 10:41 ashish
drwx------ 6 ved ved 4096 2011-09-10 15:04 ved
drwx------ 5 yogesh yogesh 4096 2011-09-13 15:21 yogesh
drwx------ 2 hiren hiren 4096 2011-09-13 18:15 hiren
drwx------ 3 rahul rahul 4096 2011-09-13 18:15 rahul

Please Help me

**sharma251185** · 09-14-2011

Hello "LinuxSecurity"

I tried as you mentioned, but the problem is that its changed the permission for newly files not for "/home" folder......... Please advise

**zackwasa** · 09-14-2011

You need to configure the FTP server you are using to chroot the users to their home directory

**sharma251185** · 09-14-2011

Sorry I think you haven't catch my question. I wanna use umask on users' home directory not on ftp user.....

Yes I know about ftp configuration in that there is one option who can put ftp user in jail....

Please, read my question carefully and advise

**LinuxSecurity** · 09-15-2011

I think what you mean is that you would like to change the UNIX discretionary access controls for existing users' files and directories.

Be careful with these commands! Be certain that you understand what they are doing, as they may also lockout system services which need access to users home directories, such as Apache.

This command will change all directories in/home to 0700 permissions:

find /home -type d -exec chmod -v 0700 {} \;

And this command will change all files in this folder to 0600 permissions. Be careful with this command, because if you have scripts in this directory it will remove the executable bit and they will not execute:

find /home -type f -exec chmod -v 0600 {} \;

After running these two commands, be sure to change ownership of /home to 0711 so that users will still have access to their own home directories:

chmod 0711 /home/.

-Eric

Thread Tools

Display

Umask on users

Posting Permissions