  1. #1
    mjc
    Just Joined!
    Join Date
    Jul 2007
    Posts
    21

    Locking down a subdirectory

    I have a requirement to lock down a subdirectory and need some assistance. Say I have a user "charlie"; his home directory is /home/charlie.

    Charlie will send me a spreadsheet every day to a subdirectory, let's call it inbound; the file goes into /home/charlie/inbound.

    However, charlie is only allowed to place his daily spreadsheets into this subdirectory and cannot view if there are other spreadsheets there. He is only supposed to have permission to write into /home/charlie/inbound and nothing else. He cannot view /home/charlie or /home/charlie/inbound or anything else.

    An administrator "Sam", or his manager "Frank" can go into /home/charlie/ as well as /home/charlie/inbound to read, write and delete / execute.

    How do I go about setting this up and proving it the correct permissions as stated?

    Thanks in advance

  2. #2
    Linux User infoshirish's Avatar
    Join Date
    May 2007
    Location
    Pune, India
    Posts
    397

    Hey,
    Well, you need User Administration here. Check the default directory of charlie just after he logs in, with the command
    # pwd
    It should show you the /home/charlie directory. What account type permissions are set for the Sam and Frank users? Are they root users?
    If they are, then you need to set non-root privileges for those users, so that they cannot delete/create files in other users' directories but can view/read them. And for that you need to set the sticky bit.

    Steps:-
    Well, first of all I suggest you delete all the users for whom you want to set user access privileges:
    # userdel -r charlie
    # userdel -r Sam
    # userdel -r Frank

    Now create a group, e.g.
    # groupadd useraccess
    # useradd -g useraccess charlie
    This will add the charlie user to the useraccess group. Do the same for the other users.
    After this, set a password for all users with the passwd command.
    Now set the sticky bit for all user home directories so that they can read each other's files.
    # chmod 2770 /home/charlie
    # chmod 2770 /home/sam
    And so on for the users created.
    Now any user can view/read-only the files of any user under the useraccess group.

    Note: Before deleting users, take a backup of their files/data.
    Regards,

    who |grep -i blonde |
    date; cd~; unzip; touch;
    strip; finger; mount; gasp;
    yes; uptime; umount;
    sleep

    Newbie clicks
    http://www.linuxforums.org/forum/lin...ead-first.html

  3. #3
    mjc
    Just Joined!
    Join Date
    Jul 2007
    Posts
    21
    Thank you infoshirish, I'll give that a try.
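
One way to set up and check the write-but-not-list directory asked for in post #1 using plain mode bits, as an added example that is not part of any post in this thread. It assumes the directory is owned by the admin account with a group holding the admin and the manager, so that the uploading user falls under the "other" bits; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed layout: the drop directory is
# owned by the admin account, its group holds the admin and the manager, and
# the uploading user only matches the "other" permission bits.

# setup_dropbox DIR [OWNER:GROUP]   (function name is hypothetical)
setup_dropbox() {
    mkdir -p "$1" || return 1
    # Changing ownership needs root, so it is skipped for unprivileged runs.
    if [ -n "${2:-}" ] && [ "$(id -u)" -eq 0 ]; then
        chown "$2" "$1" || return 1
    fi
    # 2773 = setgid + rwx owner, rwx group, -wx other:
    #   other has no r  -> cannot list the directory
    #   other has w + x -> can create a file by name inside it
    #   setgid          -> new files inherit the directory's group
    chmod 2773 "$1"
}

# class_perms DIR owner|group|other -> prints that class's three mode chars
class_perms() {
    mode=$(ls -ld "$1" | cut -c1-10) || return 1
    case "$2" in
        owner) printf '%s\n' "$mode" | cut -c2-4 ;;
        group) printf '%s\n' "$mode" | cut -c5-7 ;;
        other) printf '%s\n' "$mode" | cut -c8-10 ;;
        *) return 2 ;;
    esac
}

# Succeeds only when "other" can write and traverse but not read.
is_write_only_for_other() {
    [ "$(class_perms "$1" other)" = "-wx" ]
}

# Demo on a scratch directory (constructed path, not a real home directory).
scratch=$(mktemp -d)
setup_dropbox "$scratch/inbound"
echo "owner=$(class_perms "$scratch/inbound" owner)" \
     "group=$(class_perms "$scratch/inbound" group)" \
     "other=$(class_perms "$scratch/inbound" other)"
is_write_only_for_other "$scratch/inbound" && echo "write-only for other: yes"
rm -rf "$scratch"
```

The "other" bits apply to every account outside the directory's group, and the parent directory needs execute without read (for example mode 771) for the path to be reachable without being listable. Whether the group can read a dropped file still depends on the mode the uploader's umask gives that file.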
