Which sets ownership to all files created in that folder and I assume the subfolders to my group "ftp-users". However the file permissions when created are:
-rwx------ 1 test ftp-users 0 2010-07-04 13:58 TestFile1.txt
-rwx------ 1 test ftp-users 0 2010-07-04 13:58 TestFile2.txt
I want the ftp-user group to have full access to these files.
I'm developing an application in which one user must run java software that I'm compiling as another user. I wanted to give user A permission to see the bin direcory of my workspace, which is in the home directory of user B. I was wondering how can this be done? I gave the bin direcotry full read/execute premissions, but since it's in my home directory user A can't navigate to it.
I know there are a few ways I could get around the problem but they arn't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.
Im want to know the command to add a user with no shell access so they cannot log onto the system, but there a user on there so for example they can be part of the email server.
Original HOWTO can be found at: [URL]... So the other day I was in IRC and someone had brought up a problem where they created a new Administrative user, but didnt have rights to use sudo. Looked into the problem a little bit to figure out what was wrong, and it turns out that when you create a new user through the user manager (in kubuntu, anyways. Havent tested in Gnome.) the user gets added to the adm group, however, a quick look at the sudoers file shows that its looking for users in the admin group to allow the use of sudo. So, to solve the problem we do the following: If youre on the new admin user (which Im assuming you are) use the following commands:
Code: su [insert username of old account without brackets] sudo usermod -G admin [username of new admin account without brackets] exit
Then simply logout, and then log back in (not always necessary, but the easiest way to flush the permissions.)
Code: su [insert username of old account without brackets] Means were going to Switch User to the old admin account Code: sudo usermod -G admin [username of new admin account without brackets] This simply adds the admin group to the secondary group list for the new user Code: exit Pretty self explanatory
I just created new user account, but the new user is able to access all the directories structure (including other's home directories).I'd like to limit the user to access ONLY his home directory (and nothing "above"). How do I do this?
i want to install a software in my linux machine staying in another user that i have created .It is asking for root access for some command to be execute during installation process.when I am trying to execute "sudo -s" its showing " is not in the sudoers file. This incident will be reported.".what next will i do.I am in my ubuntu machine.
I have a Virtual Private Server which I can connect to using SSH with my root account, being able to execute any linux command and access all the disk area, obviously.
I would like to create another user account, which would be able to access this server using SSH too, but only to a certain directory, for example /var/www/example.com/
For example, imagine this user has a HUGE error.log file (500 MB) located in /var/www/example.com/logs/error.log
When accessing this file using FTP, this user needs to download 500 MB to view the last lines of the log, but I'd like him to be able to execute something like this:
Therefore I need him to be able to access the server using SSH, but I don't want to grant him access to all server areas.
I'm running CentOS and I get an error when I plug in my usb flash drive.
Error org.freedesktop.DBus.Error.AccessDenied
A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface org.freedesktop.Hal.Device.Volume member Mount error name (unset) destination org.freedesktop.Hal)
How would that work when all of the users are network users(openldap)? So these are not local accounts.
how you allow a domain user to access a smb share when the linux machine (RHEL) that the share is on is on the same subnet as the domain but not joined to it (it has the name of a DC for the domain configured in /etc/hosts.conf also)
I need to create a user with least permission on the production server. He should only be able to read or execute the files that to be specific. For example: I just need to give him a set of commands to run.Besides those command execution He should be prevented to run any other command and He should not able to create any files(write permission).
I have a CentOS dedicated server running ProFTP. I have created user accounts which are meant for FTP access only but the users cannot connect to the FTP unless their shell access is /bin/bash
Here is an example line that is outputted when I use this command:
This user can access the FTP fine, but he can also access SSH which I don't want to allow him to do. If I set his shell access to /bin/false then he can't connect to the FTP.
What can I use in instead of /bin/bash to allow FTP but don't allow SSH?
I was wondering, i have a webfolder and have permissions set to 770 with group being www-data. I would like to give access to one folder to a friend so he can edit images, css, etc. I made that folder 770 with group being site_name with www-data and him being in the group. So far so good it sounds like. However when i use the full path to the directory linux says it doesnt exist.
Is there a way i can make it so he doesnt have r/w file on files inside the parent directories and still access the directory i want to give him?
I have a mercurial repository on a secure server, to which I want to grant secure access to an external user.
I added for him a user account and publickey ssh authentication so that now he could push/pull changesets via ssh.
My question is: how can I make this new user account completely disabled from doing anything or accessing any data on the server other than accessing the repository? E.g. he shouldn't even have the possibility to enter an interactive shell session.
I configured FTP server on Fedora 7.0 . I create different users with different password. I also create seprate directory for each FTP user. All are working . When I use filezilla for connecting that FTP site I can access all the directory on that server.
Now I want to configure that no any FTP user can access other FTP users directory or any other directory in server machine . What I do for this .
I run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
I'm trying to access a share across the net. the share is a disk "fat32" which I mounted using "vfat users,rw,exec 0 0." However, after I created the samba user "smbpasswd -a user" I'm still unable to access the share across the net. ports are open, and entry has been made in smb.conf for share. But I'm having problems giving permission to smb user. the share it is mounted on /media/share, and I've tried everything from
chmod -R ug+rwx /media/share chmod -R ugo+rwx /media/share chown -R user /media/share and I always get unable to set permission for user
I Want to be able to let my girlfriend view my pictures folder while at the same time keeping my sister out. So I created a group "JessAndI" and made myself and her apart of that group. I changed the group of the directory recursively to "JessAndI" and gave the permissions to 770. She still isn't able to access or even view the directory unless i change the permissions to allow others whether it be 774 or 777. Am i doing something wrong? I've checked and double checked to make sure she is part of the group and the group is the group on the directory and all the sub-directories and files.
Normally all I/O goes through the kernel so that it can schedule the operations and prevent processes from stepping on each other. A few special user processes are allowed to slide around the kernel, usually by being given direct access to I/O ports. X servers are the most common example of this isn't it ? give examples for any other processes that are allowed to slide around the kernel ?
How to allow access to some commands having root privleges to be run by non root user. I am new to unix/linux and I have a major assignment. I have to find ways to run particular commands which can be run only by root from a non root user. I know sudo is one of the way but i need some different approach.
I've a webpage that has some links to videos. When an user click on that link, I need the user to redirected to the login page which check credentials with ldap server and then grants access to the video. I've searched google for some code but all I found is some samples that authenticates the user. But when the user enters the login credentials how do I implement that code in the backend and redirect to the video if the user can authenticate himself?
I am a user of a cluster. I don't want root to see/copy files from my user account(obviously). Is that possible to limit the access of root to users account?
I am having some trouble finding the information i need, here is what i am trying to accomplish.
1. Download POP email messages from cody@clearsky.net.au using fetchmail and assigning them to account "cody"
2. Connect and view the emails via IMAP using dovecot server logging in using "cody"
So far i have the fetchmail part working fine, but i cannot see any emails in the inbox. The messages are going thru however as they are visable in MUTT. i have edited my /etc/dovecot/dovecot.conf to change the mail directories, but no luck
I found that if any usual user is logged into a NDS-tree, then _local_ root has full access to user's network shares, including the user's home directory located on remote Netware-server. Is it by design or have I missed something? Nevertheless in windows local admin has no access to network resources mounted of any other user. If you runas shell (as admin) then admin in principle can't "see" network shares which were mounted (connected) by other users - they are accessible ("visible") per session.
Take a physical user FRED. FRED is a linux user ( known by linux on his laptop ) FRED is a Samba user ( Known by samba on the samba pdc server ) When he logs locally (with username/password) on its standalone laptop (with no network), he is known as FRED:user. He access his data in /home/FRED/. When he logs through samba (with username/password) on the domain MY_DOM, he is known as MY_DOMFRED:MY_DOMdomain user. He access his data in /home/MY_DOM/FRED/. ) Is it possible that the human FRED has only one repository and have full access to its repository regardless of how it was connected. If yes, how to do it
2) If not, Is it possible that the human FRED has full access to /home/FRED/.............. and /home/MY_DOM/FRED/.