Security :: Changing Home Directory Permission In User Management After User Created In Suse(KDE)?
Feb 2, 2011
I created a user but I forgot to change the home directory permission. So after the user was created, when I go to User and Group Management I can't see the permission field related to the home directory permission. My purpose is to stop other users from accessing my home directory. How can this be done?
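For the situation in the question above (an account that already exists and whose home directory other users can still enter), the following is an added example, not part of the original post. It assumes GNU coreutils `stat`; the function names `audit_homes` and `lock_home` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU coreutils stat.

# Print "MODE OWNER PATH" for every directory directly under $1 (default
# /home) whose permission bits grant any access to group or other.
audit_homes() {
    base=${1:-/home}
    for dir in "$base"/*/; do
        [ -d "$dir" ] || continue            # glob matched nothing
        dir=${dir%/}
        [ -L "$dir" ] && continue            # ignore symlinked entries
        info=$(stat -c '%a %U' "$dir") || continue
        mode=${info%% *}
        owner=${info#* }
        # stat prints octal without leading zeros; mask the group/other bits.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s %s\n' "$mode" "$owner" "$dir"
        fi
    done
    return 0
}

# Remove all group/other access from one home directory. Only the top-level
# directory is changed: without search (x) permission on it, other users
# cannot reach anything beneath it, whatever the modes of the files inside.
lock_home() {
    chmod go-rwx -- "$1"
}
```

Run `audit_homes /home` to list the directories that are still open, then `lock_home /home/<user>` as root or as the directory's owner.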
This may be a rookie mistake, but I created a user (new user) in Linux on an Ubuntu system and didn't actually create the home directory for this user. Now, when I log in, it says there are problems... If I delete the path home/<new user> and try to log in, the system tells me I can use root as home directory but I will likely experience problems, and then it won't let me log in. What is the best way to create this directory with the appropriate permissions? Should I just create another user and delete this one?
I have a secondary disk which holds a /home directory structure from a previous install of Linux. I installed a new version on a new primary drive and mounted this secondary drive as the new /home. Problem is, even though the users are the same names and I can access the home directories for the users, I cannot login directly to their home directories, as I get the following error: -
Code:
login as: [me]
[me]@[machine]'s password:
Last login: Wed Jan 6 18:34:33 2010 from [machine]
Could not chdir to home directory /home/[me]: Permission denied
[[me]@[machine] /]$
Now, since the usernames are correct and the users are in the passwd file with the correct home directory paths, could it be user IDs that are different or something else? It's not as though I cannot access the home directories for the users, simply that I cannot log directly into them from a login prompt.
I've set up Kerberos and OpenLDAP servers (9.10) similar to the official documentation (and other sites that fill in the "gaps"). However, when you start to get into some of the details, there seem to be many options - and I guess I'm looking for what could be the de facto standard. I'd like to allow Ubuntu clients to have an SSO capability, with the ability for local caching of passwords if not connected to the network (such as a laptop user away from the office, prior to a VPN). I'd like to automount a secure NFS share somewhere in the /home directory. If the user logs in to a computer they've not logged in to before (if they're authorized), it would be nice if a skeleton /home directory could be set up there automatically. I'm guessing that it is not desirable to use a shared /home NFS - as if you're off the network this would be problematic - as well as multiple computers sharing the same /home. There are some benefits to a shared /home (SSH certs, etc.), so maybe there is a hybrid approach out there.
I've read that it's not necessarily good practice to have OpenLDAP to do the authentication (leave this to Kerberos), but it's fine for authorization (such as ACLs for logins to certain computers). It's also good practice to use TLS with OpenLDAP (which requires public certs on all the clients) and to not allow anonymous read to the directory. I would guess that a computer host keytab could be refreshed to bind to the OpenLDAP server via GSSAPI / SASL to allow a non-anonymous read, and then determine if, say, the user was a member of a group allowed to log in. Kerberos would then pick up and authenticate the user and then proceed to the login. Off the network here, I'm not sure. I found this document, but it's self declared missing items: [URL]
I'll stop the rambling, but I cannot be the only one who would like to set up a relatively standard and secure server-based network authentication and authorization back-end. Is there any _complete_ documentation on the best practices and how to implement?
I was setting up a Samba server and I ran into some problems with SELinux related to the context of the home directories. I made a user account, say "UserAccount", with a default home directory "home/UserAccount". Afterwards I realized that I needed to move the home directory of this particular user to another location, say "/home2/UserAccount". So I created the new directory, changed the permissions, and used Gnome's system-config-user to change the user's home directory.
I then set up the Samba server, activated samba_run_unconfined and samba_enable_home_dirs in SELinux, and made an account for UserAccount. When testing the Samba account for UserAccount, SELinux denied read access. I checked the context and the new home directory did not appear to have been updated. I had to manually run:
restorecon -R -v /home2/UserAccount
to set the context on the new home directory. I'm not very familiar with SELinux, so my question is this: is this normal security policy or is it a bug in the system-config-user tool? If it's normal policy, can someone explain why? I'm always ready to learn.
Distro: Fedora 12 (kernel: 2.6.31.5-127.fc12.i686)
System: Dual Intel Xeon @ 3.2 GHz, 1 GB RAM
I had a student, and she has done some work on her account on my lab computer, but has left the country and is un-contactable.
I have full administrator privileges for this machine, and it is running Ubuntu LTS 10.04
She has a folder which was copied from a Windows-formatted external hard drive (probably NTFS) onto her home partition on my machine.
I can open all of her files, except for those in this folder.
As I see it the problem is either something to do with the permissions of the files (coming from NTFS), or some kind of Ubuntu security that I am unaware of?
I'm developing an application in which one user must run Java software that I'm compiling as another user. I wanted to give user A permission to see the bin directory of my workspace, which is in the home directory of user B. I was wondering how this can be done? I gave the bin directory full read/execute permissions, but since it's in my home directory user A can't navigate to it.
I know there are a few ways I could get around the problem but they aren't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried a symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.
I have RHEL 5.2 and I want to create a user using the useradd command without creating the user's home directory and without it throwing any warning/error about not creating a home directory. I have tried
Code:
useradd -u "$NEW_UID" -g <gid> -d "/home/$1" -M "$1"
where $1 is the user name and $NEW_UID is what I am calculating. It throws the error
Code:
useradd: cannot create directory /home/$1
which I don't want to appear. How can I prevent this?
I'm new to Linux and just installed Ubuntu and decided to play around with it. I just executed
Code:
useradd test
which supposedly creates a folder in the home directory '/home/test', but when I look in there I can't see it. I also did a
Code:
grep test /etc/passwd
which returns: 'test:x:1001:1001::/home/test:/bin/sh' which I believe means it is meant to exist.
Addendum: I have also now noticed that when I log in and log back in I have the option to log in as 'test' but it prompts me for a password which I did not set :s
I've been looking for this feature for months and couldn't find a solution for this. Does anyone know how to create users and limit the user to a specified directory?
I am replacing a home network - Windows Server 2003 and 5 PCs (XP Pro) with UBUNTU 10.4 LTS Server and client versions. I am keeping a couple of the PCs with dual boot until I can migrate everything over (Having some issues with iTunes, Family Tree Maker, Media serving, DVD decrypt and a couple of others, but that is for another post). It was great fun getting the server up and running using only shell commands. Took me ages just to get a folder shared! Migrating the data over from NTFS to ext3 was also fun given the limited space on the partitions.
I really only want to use the server for communal network type things ... central user account maintenance, shared folders for music, video etc and data backup. I don't need it to be performing server functions on the Internet e.g. web server etc although that may come later. How do I set up central user management? All the PCs are currently set up with local user IDs, and it is a bit of a pain to go round each PC every time I change something.
The server is not always up, so I need to be able to log into the local PC without it being active. I was using Active Directory on Server 2003, but I don't need anything that complex really ... just 3 or 4 users to manage. I have been looking at the setup tutorial at [URL] but am not sure how relevant a lot of it is. I have SSH set up so I can log in remotely, NFS is working to share the folders, but that is about all I have done so far.
My Linux is Fedora release 13. I found there are a few users not created by me. I am not sure if the system got hacked somehow and the hackers then created these users, i.e. (1) oracle, (2) exim, (3) test, (4) cox. I tried to delete all four of these users by using the "usrdel" command, but the system said "I cannot delete these users as the users are logging in". Did my system get hacked, or were these users created by the system itself?
I want to automatically set the group ownership of user home directories to a group that the user is not part of. This is so that Apache can be part of this group and can access the user's public HTML directory, but other users are not able to access in any way the files in the user's home directory. What I have seen that works manually is adding the user and then changing the group for the home directory. But I want to automatically set this when the user account is created. What I see happening is that when /etc/skel is copied, it automatically sets the group and ownership of everything to the user's default group and ownership. I've seen some suggestions on setting permissions, but these don't seem to work because it seems that users are able to cd into a directory and not list it, but if they know the file name they can access the file.
Original HOWTO can be found at: [URL]... So the other day I was in IRC and someone had brought up a problem where they created a new Administrative user, but didn't have rights to use sudo. Looked into the problem a little bit to figure out what was wrong, and it turns out that when you create a new user through the user manager (in Kubuntu, anyways. Haven't tested in Gnome.) the user gets added to the adm group; however, a quick look at the sudoers file shows that it's looking for users in the admin group to allow the use of sudo. So, to solve the problem we do the following: If you're on the new admin user (which I'm assuming you are) use the following commands:
Code:
su [insert username of old account without brackets]
sudo usermod -a -G admin [username of new admin account without brackets]
exit
Then simply log out, and then log back in (not always necessary, but the easiest way to flush the permissions.)
Code:
su [insert username of old account without brackets]
Means we're going to Switch User to the old admin account
Code:
sudo usermod -a -G admin [username of new admin account without brackets]
This simply adds the admin group to the secondary group list for the new user
Code:
exit
Pretty self explanatory
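A way to confirm the mismatch the HOWTO describes (account in adm, sudoers rule naming admin) before changing anything; this is an added example, not code from the HOWTO. The function names and the sample account names `oldadmin` and `newadmin` are hypothetical, the sample files are constructed, and the parsing is simplified to plain `%group` rules and supplementary group members.

```shell
#!/bin/sh
# Added example (not from the original HOWTO). Simplified: reads only plain
# "%group ..." rules and supplementary members in /etc/group format; it
# ignores sudoers aliases, #include files and primary groups.

# Groups that a sudoers file ($1) grants rules to.
sudoers_groups() {
    awk '/^[ \t]*%/ { g = $1; sub(/^%/, "", g); print g }' "$1" | sort -u
}

# Groups in a group file ($2) that list user $1 as a member.
member_groups() {
    awk -F: -v u="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) print $1
    }' "$2" | sort -u
}

# Print the first sudoers group the user belongs to; return 1 if none.
sudo_group_for() {
    for g in $(sudoers_groups "$2"); do
        if member_groups "$1" "$3" | grep -qxF "$g"; then
            printf '%s\n' "$g"
            return 0
        fi
    done
    return 1
}

# Constructed sample data reproducing the mismatch: the new account is in
# "adm", while the sudoers rule names "admin".
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'root ALL=(ALL) ALL' '%admin ALL=(ALL) ALL' > "$d/sudoers"
    printf '%s\n' 'adm:x:4:newadmin' 'admin:x:115:oldadmin' > "$d/group"
    for u in oldadmin newadmin; do
        if g=$(sudo_group_for "$u" "$d/sudoers" "$d/group"); then
            echo "$u: sudo via group $g"
        else
            echo "$u: in no sudoers group (member of: $(member_groups "$u" "$d/group"))"
        fi
    done
    rm -rf "$d"
}
```

Calling `demo` prints the result for both constructed accounts; on a real system, pass a readable copy of the sudoers file and /etc/group to `sudo_group_for`.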
I have been using Mint 8 for 2 weeks. I am a noob to Linux, but I like Mint more than any other Linux distro; it is a great alternative to Windows. I have a problem regarding password resetting.
1. My laptop automatically gets logged in without asking for a user name and password.
2. I tried to change the password for a newly created user and the root user the graphical way but it does not work.
3. I can perform administrator tasks using only the OEM user, which is the default inbuilt user of Mint.
How can I make my laptop ask for a password when Mint boots? How do I change the password for other users?
I would like to allow a user to log in through SSH, but with different permissions when coming from different IP addresses.
For example, a user "tester" logs in to SSH from 192.168.1.1, and another user logs in with the same login ID "tester" but from a different IP, 192.168.1.2.
How do I restrict 192.168.1.2 to only allow for viewing the content in the home directory while giving 192.168.1.1 full access?
I would like to allow a user to log in through SSH, but with different permissions when coming from different IP addresses. For example, a user "tester" logs in to SSH from 192.168.1.1, and another user logs in with the same login ID "tester" but from a different IP, 192.168.1.2. How do I restrict 192.168.1.2 to only allow for viewing the content in the home directory while giving 192.168.1.1 full access?
I got a suggestion from someone:
Approach 1) Based on the IP you change the shell. If it's just for read-only, a jail would be fine. But how do I change the shell based on IP?
Approach 2) Have two SSH instances, let's say port 22 and port 24. Port 22 is for read-only, while port 24 is for full access. So how can it be possible to give port 22 only read-only access to SSH?
I've run into my first Linux/Unix roadblock and need support. I am creating a user strictly for SFTP and need them to log in to a specific folder as well as set their navigate, write, and read permissions appropriately, but am having trouble. I was able to modify /etc/passwd to change their home location upon login but was warned that it was a bit dangerous to modify this file, even though my login test worked, and that I should look for an alternate solution in case shadow passwords were used. I'm reading up on chmod and understand the binary relationship but still can't seem to put the pieces together for each folder I'm working in. Below is what I need to satisfy: username for this test will be 'customer'
Example folder: /storage/company/files
1. User 'customer' needs to login to /storage/company/ by default.
2. User 'customer' needs browse, write, and read permissions to /storage/company/ and ALL files and subdirectories within this folder
3. User 'customer' must be UNABLE to navigate backwards toward folder root / or in general, navigate out of their primary home location.
I'm trying to do something like this: I created a group called www and made this group the owner of the directory /var/www/html so I can read and write to it. Of course I've added myself to this group, but it seems I can't read and write. The syntax I used was something like chown :www /var/www/html. It didn't work. Only when I used chown samurai:www /var/www/html could I finally create a new file. The reason I don't want to specify the user name is because I'm thinking of a scenario where I need to give permission to a large group of people and don't want to do it user by user.
I recently started using SVN with Apache for my web development, although I find it really annoying that I have to issue two SVN commands (one local, one remote) to update my web site. I have been looking into SVN post-commit hooks to solve this problem. The only problem is that Apache does not have permission to modify files in my user directory... So here is how everything is set up. I am running a Slackware 13 full install. There have been no installations overriding any of the default installs.
Basically I'm trying to create a bash script that'll ask for a folder name and then change into that folder.
Code: Not real code but bear with me!
echo "Enter the desired folder and press [ENTER]"
read folder
cd "$folder"
pwd
/home/<user name>/<whatever the user entered>
Is this possible with bash or am I chasing a pipe dream?
I am learning to set up an NFS server with Fedora 14. I have gone through a couple of materials on this topic. I have a doubt. Say I have user1 through user5 on my NFS server with their home directories under /home, and the /home directory is shared. If user1 logs into a client machine, will he be able to see the home folders of the other users or just his own home folder? Because in the /etc/exports file there was an option saying "subtree", and according to my understanding this means that the subdirectories under /home will also be shared. Does that mean all the users should be able to see all other users' home directories and their contents but not read/write? Correct me if I am wrong.
I have a user account on a remote machine, but it doesn't have a home directory on that machine. Is it possible to create a home directory without having the root account details? If yes, how can it be done?