I'm setting up some CGI scripts to be executed by Apache. What I find disturbing is the fact that since the owner of the CGI script is the Apache user, it is not possible for me working under my user to edit the script unless I either edit it with sudo or chmod it to 777, which I believe is not advisable.
View 3 Replies
i want to know what is use or benefit of using s and t permission?i have used them but could not understand its uses.please explain me with suitable example.Also tell me about umask command to flag on s and t.
View 1 Replies View RelatedI have a FTP server (vsftpd), and would like to setup different file permissions for different groups:
-"ftpusers" group should only be able to browse and download.
-"ftpadmins" group should be able to browse, download, AND WRITE (RNFR, RNTO, MKDIR....).
Let's say my main directory is /var/ftp/docs/. It should be accessible by "ftpusers" group, but only writeable by "ftpadmins" group. Other groups or users may not access it. Which permissions and ownership should I give? My problem is that the dir can't be owned by two groups...
I have an NFS server on Windose Server 2003. I use it to back my Linux/Solaris databases up to. I mounted the NFS share on the Linux box. I was testing the permissions to it, and accidentally did a chown sybase:sybase /OLBackupOLBackup is the root directory of the NFS share. When I did the chown command, it changed the permissions on the share. Now it seems that linux is controlling the permissions. In windose I cant add users/groups. How can I remove Linux from owning the permissions. Im not sure if this is a windose issue or a linux issue, but figured I would start asking here first.
View 1 Replies View RelatedI'm planning a NFS share for a small enterprise (25 NFS clients). I need to create a directory structure but I'll need to set up differents permissions (rw/ro) to some directories of the tree. I wonder if it's possible to grant access using groups IDs, so that would be ideal for this application. Is it possible? I was thinking that I would kneed some kind of centralized user info, such as NIS or LDAP. Is that necessary?
View 4 Replies View RelatedI am having a bit of an issue with a NFS configuration. Initially I had no issues when both the server and client were both running Ubuntu Karmic. The client is now running Fedora Core 12 and when I mount the share I get "You do not have the permissions necessary to view the contents of Mnt". I came across this troubleshooting guide and it suggests that the issue may be the UIDs are not in sync on the server and client. If this is the issue, which usernames do I need to sync and how would I do that?
View 2 Replies View Relatedi am trying to set permissions on my wordpress install such that the wordpress admin can write to the files and directories in the wordpress tree. otherwise i have to do all the things wordpress does automatically by hand with vi.of course i would like to have permissions set as precisely as possible for security.at present the files are set to 644 (-rw-r--r--). my plan is to change permissions to 664 (-rw-rw-r--) using chmod. ie "chmod -r 664 ./wordpress".
View 4 Replies View RelatedI have question regarding setting permissions on wp-content/uploads... in wordpres. I read a tutorial where they want you to set permissions: chown -R julie.julie uploads/ chmod -R 777 uploads/ 777 makes it rwx for others as well. It's not secure! It works but is temporary fix. How I can make sure that the user julie (wordpress) will be able to write to it but anybody else wont.
View 3 Replies View RelatedI have just started using linux. I have setup an ubuntu apache2 server. It has been running brilliantly and I am highly impressed with the Linux system. My box is an HTTP server and I am hosting a website on it. I have VSFTPD installed and functioning as my FTP software. It has worked fine so far but I have been a bit annoyed that I have had to set permissions for each file I have put on there.
Now I have run into a serious issue with the permissions being set to 600 and I really need them to 755 because I am running an automatic upload for a webcam and the Image can't be accessed due to the automatic permissions of 600 being set to the image. My extensive windows background tells me that I need to apply the correct permissions to the WWW folder and get the files to inherit these permissions automatically.
I am running into a Brick wall with this. And thought that the knowledge and expertise here would be a good place to seek help.I have CentOS 5.4 server running Samba on a WinBloZ network. I have the groups all setup and that aspect works fine. But here lies the issues.In a shared directory with group permissions set if someone on the group with permission to this directory creates a file they are the only person that can edit / modify that file. That file need to be editable by the entire group. But the only way thus far I can achieve this is to manually chmod the files in the directory. I know there is a way to fix this, but I have not found it. Can someone please explain how to make this work for me.
View 1 Replies View RelatedI have a Samba share set up on a SUSE server that about 30 Windows XP clients are connecting to on a daily basis. They connect using Winbind and their Active Directory usernames and passwords which are stored on a Windows small business server (Server 2003). The share is called "company" and it's right off the root of the partition. Within "company" there are about 75-100 folders, most of which need to be publicly available and publicly writeable. There are a few that need to be locked down to a certain group of people so I've used group membership and access control lists for those.
The permissions on new files/folders still aren't right though, so I'll just try to explain what I WANT rather than trying to resolve what is HAPPENING since I think that'll be easier. Currently the entire company directory and all subdirectories and files are user-owned by "administrator" (an active directory domain admin). I'd like new folders and files created anywhere in that directory or any subdirectory to maintain that ownership by administrator, regardless of who creates them.
Likewise, the entire directory and all subdirectories/files are group-owned by "domain users" (a builtin active directory group which is pulled in via winbind) which gives everyone write access to everything. I'd like that ownership to be maintained as well on any new files or folders created in /company or any subdirectory therein. I think this is working for the most part as I've set the setgid bit on company. I'd like any files or folders created in /company or any subdirectory therein to have 770 permissions (rwxrwx---).
So, what I want is regardless of who creates a file or folder anywhere in "company" - it should be owned by user "administrator" and group "domain users" and have 770 permissions. I'd like to make a little tweak to this post. Above I said I wanted anything created under Company to be created with group owner "domain users" - that actually only goes for anything that will be public. On the folders I have locked down via group membership and ACLs the new files/folders created within should maintain ownership of whatever group owns that directory. I should be able to do this by setting rwxrws--- permissions on secured directories.
I have a home network setup. The server has OpenSuse 11.1 installed. I have a laptop with Ubuntu 9.04 and my wife has an iMac. My wife an I are both members of the same group and that group has full rwx permissions in the directories we access. All the directories we need belong to that group. We can all connect to the server and access files without a problem. However it seems that all the files are read only for the other user. In other words if I make a directory on the server and save a file in there, I can access it with full permissions and my wife only gets read access and vice versa. What should I be looking out for or checking that would enable both of us to have full permissions other than setting permissions on the directories to the group we share (which I have done)? I also have one other question.... I notice that some users and some of the groups have the same number. I assume that this is normal?
View 1 Replies View RelatedI'm setting up an automatic mount point on one of my servers. However, for this file I only want certain people (permissions) to access it once it is mounted. I'm figuring I need to place this either on an ACL (via setfacl) or by configuring this in my mount point config file (auto.misc) . Has anyone done this before, restrict use of an auto mounted directory?
[Code]...
This is a interesting confusing problem.Ok I have group with 3 users.I have a folder in /home with owner as root, and group that has read/write permissions.However if a user opens up a file and saves it via samba, the owner changes to the user, and the group members only have read permissions on the file.
View 4 Replies View RelatedI'm getting the error described in this bug. The fix is described in the bug:Code:The following additional SELinux permissions were found to resolve the situation:
samba_domtrans_winbind_helper(httpd_t)
allow httpd_t winbind_helper_t:process signal;
apache_append_log(winbind_helper_t)
[code].....
I want to host a public FTP on my server, but i cannot get it so that people can read and write but not delete ANYTHING from it.
I have tried:
chown root /home/ftpdir
chmod 1777 /home/ftpdir
but people can still delete the files in it, i have no idea what to do next. that's the only thing i can find on Google about how to do it.
the users are logging in with the same Account, i cannot make a new account for each one.
I have a problem with my external hdd, I mounted it manually and in the mount table it says ive got rw permissions. But when i try to change permissions it says:
chmod: changing permissions of `whatever': read-only filesystem.
This is my mount table:
[root@localhost ExtHDD]# mount
/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
none on /proc type proc (rw)
none on /sys type sysfs (rw)
[code]....
I just installed LAMP server and it works. Anyway, I have problems with permissions to www/. I can't access it! Its located in /srv/www.
What do you suggest? I need to be able to freely add/modify/remove files under www/ as 'dagrevis' (not 'root').
Trying to setup a file server for a small group of users and I am in need of help with file permissions with Ubuntu Server 10.10.
I have a single share mapping (ex /media/hdd1/share1). There are several folders that everyone will need read/write/edit permissions and there will be a few folders that all users will need read permissions and a couple of users will need read/write/edit permissions.
I have tried several things and as long as I create the folders/files through ssh using sudo, the permissions are fine, but when the users create file and folders through their computers (mixture of Windows and Mac) that user becomes the owner and no one else can write or edit those files.
I am using SAMBA and though it was a config issue with that but I logged each user directly into the server with the same issue.
I tried sudo chmod 777 /media/hdd1/share1 but all newly created files have the above issue.
I have a server running RHEL6 and a virtual machine also running RHEL6. I created a directory /home/data on the server and another on the VM. When I mount the host directory on the VM, I am not able to change the ownership/permissions through the VM no matter what. The ownership is set to "nobody" and I can't even change it to root.
View 4 Replies View RelatedI have created a ftp user in centos 5,but it got all permissions to delete files in other location,view the entire directory and create any folder in every place. How to deny this permissions to the particular user.And please help me to give permissions only to a specified location given by the root.
View 4 Replies View RelatedWe have a bunch of directories created for apps on server that were configured to a local group account (for ex: oracle). We have enabled AD using winbind after 6 months after these servers have been in use. So how can we tie the local oracle group account with the one in our AD tree.the test useris configured in the oracle group in AD and the test users primary group is oracle
View 1 Replies View Relatedwe have a data transfer network drive, shared via nfs and samba.But now I got the special demand to make any of the files read and wirteable, regardsless of the permissions they had before.With acl I get the right permissions (via default values) but the standard unix permissions overwrite this. e.g. when I have 644, it does not care that the group has write permissions)Does someone have an idea (except chmod via cronjob )
View 1 Replies View RelatedI am a new, working on RHEL5. I am a bit confused on file permissions. I want to know how the setuid, setgid and sticky bit works on linux. And what are the advantages of using these bits? Can anyone explain me the main concepts of using these permissions?
View 4 Replies View RelatedI'm having an issue that I've seen before on other OS's (Solaris), but I'm coming up blank on solving for an NFS mount shared from RedHat I've googled this, and looked through all the FAQs and mail lists I can find.
The issue is this:
Whenever a new file is created from an NFS client to an NFS mounted file system, the group and world permissions are being stripped such that any new file created ends up with 0600 as the file permissions. On the server, I have tried various sharing options (all_squash, anonuid, anongid, no_acl) with no luck. I've looked at the underlying mount point ownership and permissions, checked the file system acl's (getfacl...they match the visible file system), and set the custom SELinux (not mine) config to permissive. The file system is on an LVM partition, and has an SELinux group assigned in /etc/fstab. I've unmounted it, and performed a vanilla mount (no options). No amount of trial and error is working. Any file created by any user on an nfs client machine creates files with 0600 permissions, and local users on the nfs server create files with permissions based off their umask settings. I originally thought it was due to mismatches in permissions from Windows to Linux (The server also NFS shares to Windows 2K boxes using hclnfsd (PC/NFS)), but I confirmed the same issue between RedHat systems.
One thing I'm wondering from my reading. It's mentioned in many places that ownership should be root in most cases and not some other user. This entire file structure is owned by a user that is ONLY local to the server box (long story, but the box is isolated....no DNS and only local users and settings).
On our fileserver, we primary use samba to share files to our users, but a few users have to use ssh/sftp to access the file server. In samba we have the shares setup so that permissions are forced to be the correct group owner and group read/write. The problem is those few who access via ssh/sftp. There files do not have the correct permissions. These people are not the most computer savvy, I'm dealing with biologist here. Is there some way to fix this or will I just have to setup a cron job to go through and set permissions periodically?
View 1 Replies View RelatedI am using RHEL 5 on my server. The client machines are windows XP.File sharing is through samba server which is working okay. On this file server there is a shared directory for users. This directory contains files which are used by various users through oracle APP. and DB server.
At present the folders under the "shared" folder are having all permissions i.e. 777. To restrict certain things, I want that users may read and modify the files but may not be in a position to move or delete the files. How to set the permissions on the folders/files in this scenario?
I am using Joomla and a script within it. That Script is suppose to copy tables from one DB to another.
Code:
Error(1) [1142] query [CREATE OR REPLACE VIEW test_users AS SELECT * FROM `localiz_master`.`jos_users`]. DB Error: CREATE VIEW command denied to user 'localiz_master'@'localhost' for table 'test_users' SQL=CREATE OR REPLACE VIEW test_users AS SELECT * FROM `localiz_master`.`jos_users`
Error [1142] retrying query [CREATE OR REPLACE VIEW test_users AS SELECT * FROM `localiz_master`.`jos_users`]. DB Error: CREATE VIEW command denied to user 'localiz_master'@'localhost' for table 'test_users' SQL=CREATE OR REPLACE VIEW test_users AS SELECT * FROM `localiz_master`.`jos_users`
localiz_master: name of the DB from which data is suppose to be copied.
jos_users: name of the table form the main DB.
localiz_master: user for the DB.
localhost: host
test_users: name of the table to be created.
We do have phpmyadmin but the user's table is hidden. What SSH command we might run to make localiz_master user have access to all the databases.
I've got a red hat box joined to a win 2k3 domain and I'm using pam_mkhomedir.so to create user's home directories on first login to the box. extract from /etc/pam.d/sshd Code: session required pam_mkhomedir.so skel=/etc/skel umask=0022 The problem I have is that this only works if I switch SELINUX off (i.e. set enforcing to disabled ). Unfortunately, the error messages are not very helpful. Extract from /var/log/secure below:
[Code]...
I'm attempting to set up a Samba share on my lab's small server (Ubuntu Server Edition, 10.04). It looked easy enough, but the share that I set up didn't allow anyone to actually put anything on it: no uploading stuff, etc. (You can still upload files via the command line, so I implemented the unix extensions = no fix). The share is writeable and visible, and anyone can access it (according to the Samba GUI). According to the smb.conf:
[Share]
path = /home/something/Share
writeable = yes
;browseable = yes
guest ok = yes
The other Windows machines in the lab see the new server and its share automatically, although they can't make changes to it, like create a new folder in the share. Most of my lab uses Snow Leopard (OS X 10.6), and a few others use Windows. I can connect to the server using my MacBook either through the terminal or Finder -> Go -> Connect to server -> smb://blah.someplace.edu without problems.
I can do pretty much anything via the command line, but not through the Finder! If I want to create a new folder, it gives me an old-school error message (stupid blue face): "The operation can't be competed because you don't have the necessary permission." If I want to drag-and-drop a file from my desktop to the Share folder, I get a pop-up window (lock + blue face): "Type your password to allow Finder to make changes." If I do, then I get another pop-up: "One or more items can't be copied to "Share" because you don't have permission to read them. Do you want to copy the items you are allowed to read?"
