General :: Understanding Ubuntu User / Group Permissions
May 20, 2010
I'm beginning to deal with more than one user on my system (it's a VPS serving some sites) and I need to make sure I understand how group permissions work. I have an account named "admin" .. it's basically the primary account that is used for serving most of the sites that I control myself. Now, I added a second account named "Ville" as one of my users wants to be able to administer that site. So, I can do this the easy way and just chown their domains folder under the ville user, they have permission to do whatever they need be and so forth. However, let's say I want to also give the admin user access to the files (modifying and all) .. how can I put both users into the same group and give them both permission?
I've tried doing:
sudo usermod -a -G admin ville
To add the ville into the admin group, but ville still cannot edit files by admin. Permissions for the primary directory for the ville user are read/write for both owner and group, and the current group for the files is admin:admin ..
But ville still can't write into the directory. So, what should I be doing here to get this right and secure at the same time?
View 1 Replies
ADVERTISEMENT
Jul 10, 2010
I am doing rhce course but i am very confused to answer these user and group permissions.the questions are like this...the owner of the /data must be user tom.primary group of /data must be the group sysadmins.the members of the group test must be able to write and create files in the /data.the members of the group web have no access to these directory.the user jack not belong to any of these gropus must have to edit files created in /data.the user tim can only list the contents.
the questions are always like these..i am okay with sgid and sticky bit.but i dnt know where to set default acl and other permissions.
View 3 Replies
View Related
Mar 22, 2010
After I edit /etc/group and I add a user to groups it didn't belong to, the user will not be able to use it's newly acquired privileges unless it starts a new session. Is there a command to refresh user/group properties in an ongoing session?
View 2 Replies
View Related
Apr 14, 2011
My main account 'dave' runs as admin etc This was the output of 'groups dave': dave adm dialout cdrom plugdev lpadmin sambashare admin I was trying to add dave to the user group 'media-www' and i ran this command: 'usermod -G media-www dave' Then after another 'groups dave':
dave : dave media-www It seems to have removed all the other groups! How do I restore this?
View 4 Replies
View Related
Oct 19, 2009
i want secondary users can able to change the files permissions of primary group?user MAC is having www as a primary and httpd as secondary group. But he want to change the file permissions (chmod) httpd group files. Is it possible or not? I think its not possible. If it`s possible then let me know how?
View 3 Replies
View Related
Apr 8, 2010
I am very new to linux. The first time i ran a linux machine was one Saturday. Anyway I am trying to set up an apache web server, all I want to do is play around with html and post it on my unbuntu server so it is available to the internet. I am also trying to install samba but I am having trouble with that so for now I am using winscp. Ok, so I made a folder in my home directory for webstuff, and set up apache to look in that folder.
mkdir /home/username/webstuff
I put my index.html file into the /webstuff folder.
But when I go to my website, it says 403 error unable to access "/"
Did I make the folder in the right place? I do not want people being able to access my / folder so maby I made the web stuff folder in the wrong place? Also I thought I would just put my inded.html file inside of the default one apache gives you, but when I tried to transfer index.html it said permission denied. How to set up permissions so I can use apache and transfer my html files from my remote desktop to my server would be great!
View 7 Replies
View Related
Jul 3, 2011
this is my first real problem that I can't solve my self.I've a test samba share called "Share" and I've created three users:
-mones
-fsu
-fsu2
[code]....
View 2 Replies
View Related
Jul 17, 2011
In my /var/www directory, I have everything set up with:
user: www-data
group: developers
directories: chmod 570
files: chmod 460
Everything seems fine. Users from the developers group can edit files and all, but now we began using the Git repository, and whenever a user edits a file (ie. Joe who is a developer,) file permissions get screwed again. Now they're:
user: Joe
group: Joe
directories: chmod 755
files: chmod 644
How can I fix this so permissions remain the same?
View 2 Replies
View Related
Jul 20, 2010
On Windows, you can go to a file's permissions and it's clearly stated who can do what. You can choose between individual users or groups such as 'everyone' or certain types of users such as 'domain users'. You could create a clear cut list of every single user/group on the system and what their permissions for a file are and have it neatly displayed in a list.On Unix, we have octal permissions and sticky bits. I understand the whole concept of rwxrwxrwx (777). The first three are what the file owner can do, the second is what the main group the user belongs to can do, and the third is what other users can do.
But, when you view a file's permissions you are only getting the permissions as they apply to the user that owns the file. For example, as I understand it, if I viewed a file that only the root user had rwx permissions on and everyone else could only read. The permissions would show up as rwxr--r-- (744). But, those same permissions would show up to any user as 744 as well. Since the last 3 characters are what applies to "other users" (pretty vague). How would someone know what users in particular those permissions apply to? There could be one "other user" that can rwx that file and another "other user" that can't.Also, why just stop with the main group? What about other groups? A the user Foo's main group he belongs to might be Foo. But he could also belong to the groups Boo and Zoo, which belong to other users and would give him full rwx permissions over Boo and Zoo's files just as if he were Boo or Zoo.
Then you have the whole sticky bit thing that makes it so that files can be owned by the same person and at the same time be made use of (to varying degrees) by other users. To chmod the UID you'd chmod 2777 or for GID 4777 (just an an example). I did this for a file and it allowed a standard user account who was previously unable to run the command to be able to run it. But, how can that work when I didn't anywhere specify what particular user (or groups of users) that sticky bit applies to?
I'm confused about this whole thing to the point that I'm not even sure exactly what questions I should be asking or even if my examples are even 100% correct. I just sort of ranted about some specific things that floated to the top of my head. Permissions are easy to understand when your running a Unix-like system on a single user desktop. Because the only users/groups you have are root, the single user, and various system users/groups that you don't really need to worry about. So a file with rwxr--r-- means that only the Root user (not even members of his group) can edit the file and you can't unless you use sudo. Because the "other user" in the last 3 characters always just means you. But, things seem to get a whole lot more complicated when you start adding in multiple users. Can someone explain this or link to a "for dummies" article that can explain all of this to me in a way that someone who's used to Windows style permissions can make a connection between the two OS families and their way of handling these things?
View 9 Replies
View Related
Jun 19, 2011
I need to assign permissions for ftp users. For that I need to create groups with different permissions like upload, download, rename, delete, rename and delete. And the users added to the group need to have that group permissions by default.
View 5 Replies
View Related
Apr 9, 2010
A colleague of mine has a Linux box (running Debian I believe) with an SVN repository on it. The repository directory and files 'owner' is my colleauge. We are both members of a group called 'users'. He manages several projects both Linux and Windows apps, while I have one Windows app. For the Windows apps, we both use TortoiseSVN via an SSH link to commit/update. Performing the command 'ls -l' shows the repository files and folders on the Linux box to have the following permissions:
-rwxrwx--- john users
However, when my colleauge commits to the repository, the permissions change to:
-rwxrwx--- john john
This then means I get 'Permission denied' when trying to access the repository myself as it appears that the group permissions have been overwritten with only 'owner' permissions. To fix this, a 'chown -R' command is applied to the files/folders to set the permissions back to owner/group, but each time he writes to the repository, the issue repeats.
View 1 Replies
View Related
Apr 19, 2010
Is there a way to allow other members of my group to access subfolders under my home directory, but not my home directory itself?I'm using CentOS 5.4
View 3 Replies
View Related
Oct 17, 2009
I'm studying Linux and just started reading about permissions and ownership. My question is how would you have multiple users or groups given access to a certain directory? When doing an ls -l I see the owner, group and others that have permissions that have access to the file or directory. But what if I need multiple different groups access to a particular file or directory all with different permissions?
View 2 Replies
View Related
Nov 11, 2010
Im trying to change a group to have read write and execute permissions on everything in the system through command prompt, some people told me to edit the /etc/group file but i don't have a file that exists there under that name, but the group does already exist, i just don't know where its located. Anyone have a clue where i can check or what to do ?
View 2 Replies
View Related
Jul 19, 2011
How can I create a user group that restricts Internet privileges to only members in the group, then I will assigns certain applications to join the group for access to the Internet.
For example, I want only group net to have access to the Internet. Group net is then connected to:
Code:
So far, I am using the gnome group policy manager that is standard with ubuntu but Its not working. It is possible that im misdirected and that I should use a firewall instead?
View 2 Replies
View Related
Jun 23, 2010
I've been trying to get the -perm option of find to give me all PHP files that are group writable. Should this work?
find -name "*.php" -perm g-w
View 1 Replies
View Related
Jul 18, 2011
I have a directory that needs to be owned by nginx user and I need to access it via other users in order to add/edit/delete files in it. So I created a group called www and added both then chgrp -R on the directory. However I am still getting a "unavailable to access no permissions" sort of error in my SSH/SCP/what ever you want to call Mac's Transmit.
ls -a output
drwxr----- 3 nginx www 4096 Jul 17 23:56 nginx
View 1 Replies
View Related
Jan 21, 2010
I need to test linux group permissions on a repository. In one shell, how can I temporarily remove one of my group associations? e.g.If my groups are defined as:
% groups
foo bar baz
How can I make it so it only returns foo bar without baz?
View 2 Replies
View Related
Jun 14, 2011
What I want to be able to do, is have create a group, for example called "group1" and set its default permissions to read & write, instead of the usual just read.
So when I add a user into "group1" they automatically have read & write access to all files & directories which is in "group1".
Oh & I use crunchbang 10 (statler) for my desktops & Ubuntu 11.04 for my NFS/print/SSH/etc/etc server
View 3 Replies
View Related
Jul 6, 2010
Sorry if this is the wrong section for this type of question. Anyway, I have two servers running Ubuntu 10.04. Server A has an NFS share that is mounted on server B, and the former has this share set up with specific permissions for a group called netusers. This group basically grants its users read/write permissions, and blocking all of files from anyone who's not part of the group.My question is this: how can I set up the permissions on server B, such that if I was to add a new user on server B, he would have read/write access to the share? I tried adding a counterpart group called netusers with the same permissions on B, but that didn't work.
View 2 Replies
View Related
Jul 19, 2010
I would like to set both user and group permissions permanently to be 'rwx' (read-write-execute). I would like these rwx settings for all the future files and folders.
I tried umask 002, chmod etc, but they don't set it for future files.
View 3 Replies
View Related
Apr 20, 2010
A bit of an oddity that I've recently run into with my storage folder in my system; it's a newly installed drive that I've set to mount at /storage. When I first tried to use it, programs that I used that attempted to write to it tossed Access Denied errors at me in their own way. Checking the permissions (at the Terminal, ls -l / | grep storage) showed that /storage was set to 'rwxrwxr--'--Owner and Group were given full read/write/execute, but Others could only read. However, my logon to my system is a member of group root. Why, then, with the above bits set, would I not be able to write to it? Changing Others permissions to rwx (and presumably rw would have worked out for me since I don't leave anything executable there) allowed me to write to it, but I don't understand why that would have been necessary. So far as I'm aware, the prior drive that was in my system--mounted at the same location--did not need this treatment.
View 7 Replies
View Related
Mar 17, 2010
I have four users in my red hat linux 9. I want that all these four users should add in a group i.e "Marketing". please guide me that using terminal which command may i write so that the users should added in the group.I does't want to use GUI interface to do it.
View 14 Replies
View Related
Feb 14, 2011
I want to add a user "smith" into marketing group using terminal.Please guide me that how can I do it ?
View 11 Replies
View Related
Jun 20, 2011
How to get all group list of particular user in linux to whom which he is member.
View 3 Replies
View Related
Jul 11, 2011
I'm using nfs to mount the folder /mirror from a server onto a node.
This works, except on the node the user and group are displayed as "4294967294".
On the server: ls -al ./ displays
-rw-r--r-- 1 cu cu 0 2011-07-11 15:08 test1
-rw-r--r-- 1 cu cu 0 2011-07-11 15:08 test2
whereas on the node
-rw-r--r-- 1 4294967294 4294967294 0 2011-07-11 15:08 test1
-rw-r--r-- 1 4294967294 4294967294 0 2011-07-11 15:08 test2
I have usermod and groupmod the username cu to have the same numbers on the node.
On the server: id displays
uid=1021(cu) gid=1007(cu) groups=1007(cu),109(admin)
on the node
uid=1021(cu) gid=1007(cu) groups=1007(cu)
I'm stumpeed as to what the problem could be.
I should perhaps add that the home directory is /mirror/cu (so that the users share the same account when mounted). Not sure if thats relevent though...
My /etc/exports file (on the server) looks like this
/mirror *(rw,sync)
and I do the mount (on the node) with
sudo mount server:/mirror /mirror
View 1 Replies
View Related
Jan 28, 2010
how to delete a user from a group? i am new to this group started linux admin course.
View 4 Replies
View Related
Apr 19, 2010
im trying to implements mercurial repositories using ssh access.The problem is that if a login via ssh with the user "userA" all file upload vi that user are created with the owner: userA:userA and i need to use the group of the parent directory... is that posible ?For example:
repos ( root:repo)
-> project1 ( root:repoPrj1 )
-> file1 ( userA:usearA ) -> here i want userA:repoPrj1
View 1 Replies
View Related
Sep 10, 2009
If user1's main group is genetics and one wants to add him/her to group biochem and to assign biochem as his/her secondary group will the following suffice ?
Code:
$ sudo usermod -G biochem user1
I would like for user1 to have genetics as the main group but also belong to biochem. When user1 creates a file, as he/she belongs to main group genetics, I assume the file will be owned by user1 and group owner will be genetics. Ideally files created by user1 should be accessible to users in group genetics(when permissions are tweaked) but not by individuals in group biochem. However, any files with group owner biochem should be accessible to user1 as he/she does belong to biochem as a secondary group. Would having user1 main group genetics, secondary group biochem fulfil this criteria ?
View 5 Replies
View Related
May 18, 2010
Does anyone know how to change the primary group on a user without changing the password? I've tried updating the /etc/passwd and running usermod -g group userBoth of those does change the group but somehow it messes up the password so the user cannot get in with the same password.
View 5 Replies
View Related
