Find the answer to your Linux question:
Results 1 to 6 of 6
I have been using Linux for about 1.5 years. I am still a noob but feel free to go techy on me I am setting up a machine on my ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2007
    Posts
    4

    Shared SSH Server


    I have been using Linux for about 1.5 years. I am still a noob but feel free to go techy on me

    I am setting up a machine on my campus for a professor who wants to let users log in via SSH and do some coding projects. I have the machine set up (Ubuntu 8.04.1 server) with SSH and everything. I am creating users on request instead of setting it up on our AD domain (btw, any info on this too would be great).

    My main concern is that the way it is set up right now, students can access other students' (or the professor's) home directory. Other than setting this manually, how can I set it up so that when I create a new user (via Webmin OR 'adduser') that permissions for home directories are set such that they are kept "private?"

    Also, is there a script or could somebody assist in writing a script that would do this for many many users? I sometimes have to add classfulls of users at a time. Would validating against AD be a better idea and would it automatically set home folders as private? I have read a little about setting this up with Samba, but any easy-to-understand guide that isnt a mile long (like on Samba's website....) would be greatly appreciated.

    Thank you all for your help!

  2. #2
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    Setting it up to authenticate to a windows domain should be fairly simple/straightforward, the only catch is you need administrator access to the domain to add this machine to it, if you don't have that, then you can't do anything no matter what. If you want to make the user's home folders only visible to their owners, just do
    Code:
    sudo chmod -R 700 /home
    Then no one will be able to see inside anyone else's home folder
    Last edited by coopstah13; 10-27-2008 at 01:06 PM. Reason: forgot sudo

  3. #3
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    possible script, named adduser.sh
    Code:
    #!/bin/bash
    sudo adduser $1
    sudo chmod -R 700 /home/$1
    call this script with ./adduser.sh <username>

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Aug 2007
    Posts
    4
    Thank you for your quick reply

    I have set up disk quotas now and am wondering if there is a way to implement setting up the quota's in the script? Each user is limited to 100MBs Hard and Soft.

  6. #5
    Linux Guru coopstah13's Avatar
    Join Date
    Nov 2007
    Location
    NH, USA
    Posts
    3,149
    you should be able to just add the quota commands to that script file, I've never done anything with quotas, so I can't help you there

  7. #6
    Just Joined!
    Join Date
    Aug 2007
    Posts
    25
    I would move the prof into his own group and
    then put the students into there own group.
    Set the system UMASK tigher and update your
    /etc/skel files to not allow data accress users.

    Check /etc/profile and change the UMASK there
    or depending on the release (dont have ubuntu handy now to check)
    /etc/profile should have a UMASK line for system wide option or set the option in the users bashrc file.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •