Ubuntu Security :: Create 760 But Even If Change The Mask It Still Generates The Same Permissions?
Jan 23, 2010
I have a setup samba and want to get the correct security permissions when my wife creates / copies files from her camera onto the shared/mapped drive on her new laptop (windows 7) I want the permissions set to 770 or maybe 760. See my config below.
Now I can get it to create 760 but even if I change the mask it still generates the same permissions. After every change I restart the samba service. the umask is still 0022, do not know if that makes a difference? The directory permission's are correct with this mask. Do I need to look at groups?
I've been using Ubuntu for a few years and I am having issues trying to load .jar files and .exe files in Wine. I keep getting an error message that says my computer doesn't have permission to load these files. I've done some research and found people saying to enable the file as executable in the files properties, to enable executable in the permissions folder, and to allow source code on the Ubuntu Software screen, but whenever I try to check these boxes, they immediately revert to having a line through them instead. I remember when I was running Ubuntu a few years ago I was able to completely disable this restriction in terminal, but I can't remember what I did.
i try to copy file music .oog .wav from Music folder to /usr/share/sounds/freedesktop/stereo but i can't and in folder /stereo i can't manage rename ,cut ,move to trash for all file .ogg when i right click at file to look Properties > at permissions i saw owner : root can not change these permissions
that 's i not understand about owner . and how i can change these permissions ?
Recently I've tried installing Calibre from the Software Centre, but it seemed to be glitching as when I press Update Source, the 'In Progress' icon shows up, but when it finishes nothing changes - the Update Source button is still Should I report this?Anyways, I've installed Calibre from their website to .calibre in Home Folder. However, the folder is 'locked' as it requires root priveleges and I can't drop files there without being the admin. I'd like to reduce 'open as root' files to minimum, so I was wondering if there is a way to change the permissions of all the content in one operation, preferably using GUI, and not the terminal?
In addition I've noticed that other folders in my Home Folder like Pictures/Wallpapers require root privileges. This is really annoying as when I 'experiment' with Ubuntu I use Live CD to make sure I don't screw up the main system. When I do I can't open some files from hard disk because of those root inconsistencies
My machine is trying to communicate with another computer. I�ve blocked the traffic with this machine with iptables (input and output traffic), but I want to find the origin of this traffic. There�re 90% of probabilities it�s a trojan, and I want to find it.I have logged the packets with iptables (and then dropped), but with this I don�t know the proccess source.I�ve tried with netstat -o, but I don�t get nothing.How can I see the Process source (i.e. the PID) of this traffic?The traffic are TCP packets, with SYN flagged active (my machine is trying to establish a connection with that IP).
Still working on the mask of files for shared folder. I now have a shared folder with the exact behavior I expect : Code: sudo addgroup share_group sudo mkdir /media/volume/shared_dir sudo chgrp share_group /media/volume/shared_dir sudo chmod g+s /media/volume/shared_dir sudo chmod 770 /media/volume/shared_dir sudo setfacl -d -m group::rwx /media/volume/shared_dir sudo setfacl -d -m other::--- /media/volume/shared_dir emma@box:/media/volume/shared_dir$ ls -al total 8 drwxrws---+ 2 root share_group 4096 2010-02-09 12:53 . drwxr-xr-x 8 root root 4096 2010-02-09 11:58 .. -rw-rw----+ 1 emma share_group 0 2010-02-09 12:53 test By default, user from the group can modify this file. That's perfect.
I have define the share in Samba this way : Code: [share] comment = Shared Folder path = /media/volume/shared_dir browseable = yes guest ok = no read only = no hide dot file = yes # force group = share_group # create mask = 0660 # directory mask = 0770 # force create mask = 0660 # force directory mask = 0770
When drag & dropping a file in this share, here is the default mask: Code: emma@box:/media/volume/shared_dir$ ls -al total 192 drwxrws---+ 2 root share_group 4096 2010-02-09 12:54 . drwxr-xr-x 8 root root 4096 2010-02-09 11:58 .. -rw-rwx---+ 1 emma share_group 6148 2010-02-09 12:54 .DS_Store -rw-rwxr--+ 1 emma share_group 176684 2009-12-21 23:33 IMG_7487.jpg
So the dropped file have execution rights for the group, and read access for other. I expected it to have the same rights than the file created directly using the touch command. I tried to play with the mask options, without success. The file has been dropped from my mac, which is a Unix like OS. I guess that some authorization access are inherited from the original file, for the user and other parts. But where does the group authorization come from ? Moreover, is is possible to define in samba a default mask, whatever the authorization of the original file?
Some time back using this computer a SucKit rootkit was found. Having dd urandomed the drive, flattened CMOS battery, flashed BIOS, run Knoppix live CD 6.1,using no flat pack battery (laptop), and memtested the RAM, I am still having problems with what I suspect is a javascript file that tries to reload the rootkit from? firmware. I suspect the firmware as everything else should have eradicated it??
Also it or a hacker via a backdoor then corrupts the drivers so devices malfunction. Windows security programs and rootkit detectors don't seem to pick it up. Fresh install of Windows or linux after the above still show this problem, though internet not used. The person who admitted rootkitting this machine is capable of writing java programs or using javascripts to do all this.
When viewed using Ubuntu 8.4 files and dates on a Windows partition appear normal both in file manager and terminal. However booting using Knoppix CD these files are all green, and I cannot change their permissions, even as root. ie: everything is green including text files etc. If I copy them to a linux partition, I can change their permissions and make them nonexecutable and nonwritable. Also on the Windows FAT32 partition the . directory has the date 1 Jan 1970.
If I disable any green files, I can shutdown and reboot cleanly. If I don't I start having problems shutting down [/usr/sbin/init ?] And always these follow a pattern:
Can't remember details as I have now corralled the beast but error messages relating to:
tasks of an administrative level that we can use Shell Script to automate them. It's a kind of homework for me to figure out how to automate those tasks. Using PHP and Shell Script design and develop a Web Interface to change or set the IP Address and Subnet Mask of the UNIX / Linux System. The related services must be restarted automatically for the new IP Address and Subnet Mask to take effect. No user name and password should be asked for when using that Web Interface. How would you do it?
I am using ubuntu Lucid and connected to a network with windows machines.Our network admin changed some settings in the network, and all machines need to change their subnet masks to access local machines (e.g. I am getting "unable to mount" message when I try to connect other Windows PC's on the network.)
If I open the connections panel, and "Edit" the "Auto eth0", I can get: IPv4 Settings -> Method -> Manual -> Addresses -> Add .And I am pretty sure I will put new subnet mask address into "Netmask" box, what to put others? Namely:
IP Address, Netmask, Gateway and below: DNS Servers, Search Domains
I can get some info about my network connection by right clicking network icon on the panel, and select "Connection Information" Tried to fill manual settings with some of those info (the ones made some sense to me) but I still cannot mount windows network drives, plus my internet connection dies.So, is there any way to change Subnet Mask "ONLY", without touching any other setting.
Finally I managed to install my printer/scanner drivers.The last thing I need to do is to add the following two lines to 40-libsane.rules (which is a read only file):# Brother scanners ATTRS{idVendor}=="04f9", ENV{libsane_matched}="yes".How can I change permissions for this file or add these lines without changing permissions?
I'm new to Ubuntu Linux but have many years on windows platform. Please can someone help me with how to change the following items.
No.1 I would like to change the HORRIBLE!! YAK!! brown background color behind the word Ubuntu in the start up screen when the machine loads up (before the login). I have located the image file for this which I have found to be: /usr/share/images/xsplash/bg_2560x1600. jpg but the OS says that root is the owner and that I don't have permission to change this. So how can I change this for a color I do like.
No.2 I would also like to change the login dialogue screen style. I know this is possible but again I'm fumbling to see how I can do this. I have tried with the start up manager but every attempt fails, the settings don't take. Once again I suspect permissions are at the bottom of the problem?
No.3 Would like to have a colorful splash screen image on boot up, I've managed to remove the old one (small white 3 ring ubuntu logo on black background) but havent been able to install or replace with a new one. Its been incredibly frustrating, I'm feel sure I'm missing something simple here. Wondering if its permissions yet again?
Anyone who can offer help on any of the above, guidance or advise me would be much appreciated. Please bear in mind that I'm still very much feeling my way with Linux so keep it simple.
If this information excists here so sorry I was not able to find it. How to change permissions in Unbuntu for those people who are trying to change persmissions in a subdirectory.
Open the terminal and then type: Quote: sudo chmod yourpermission number /thenameofyourdirectory
I'm running Apache2 under uBuntu 9.10. My problem is that I use my own user "wavesailor" to work on my websites. I kept all my sites under /var/www and I set up the security of the directory after following the guidelines.
Files saved on our ubuntu server via samba server are all being created/saved as read only (-rwxr--r--). The users are MAC Users who are connecting via finder.I have taken 2 steps:First I added the lines "umask 0000" to the .bashrc files in the users' home directories.Second, I have modified the /etc/samba/smb.conf file such that I set "create mask = 0000" and also "directory mask = 0000" but the files are still being created as "-rwxr--r--".
I just installed Ubuntu workstation into VMware and then installed Apache, Mysql, PHP, and phpmyadmin.I am able to access Apache from any computer in my home so there is not issue there.The issue I am facing is when I try to copy anything into /var/www/ I get a permission denied messsage.I added myself to the administrators group and then rebooted but still get the same message.
I was able to access it by using the following command...gksu nautilus.I don't want to have to do that every time. I would like to be able to access it by just opening "Documents" and the selecting "file system" inside of Nautilus.
I keep creating practice perl scripts in a linux directory using vi <filename> and need to chmod 751 <filename> before I can run it as I wish to. I'm sure there is a simple way to default my permissions or config them at creation, but I'm not familiar with it ayuda me por favor.
I am not putting lnux on my mac, so I don't think it goes in the Apple section and Security is the closest I could find regarding file permissions, so excuse me if I am in the wrong area for this question. I need to back up my macbook (OSX) data. I do not have another mac nor do my friendsw.. I do have a PC running ubuntu 9 though. So I hook it up and can see it, but all the document are locked and I dont have permissions.... now with windows I know how to take over permissions, I have looked online and the closest I found is using the temporary root user command to view all locked files but that gets me to about 25% my data.
I have upgraded to Lucid, but was having the same issues on Karmic. I made a 2nd user acct we'll call X and we'll call the original acct Y. All of these issues only happened after creating X.
On X I have: sound Things wrong with X: I don't have the ability to modify any folders (even ones that are made from X's acct), I can't change the password or even access the Users and Groups, I can't modify any browser settings in Firefox but can on Chromium, the option for wireless is completely gone
On Y I have: the ability to access users and groups, the ability to modify all folders on either acct, the ability to change any settings on anything Things wrong with Y: no sound (doesn't even show the driver, but the driver is there on X's acct), wireless is completely gone (just like X's acct), even though I can access Users and Groups I cannot modify anything about X's acct
My first thought was to completely delete X since that's when all the problems began, but I'm afraid that since X seems to have "stolen" my sound card, that will be lost forever. I am also afraid that since neither account has wireless deleting X might hinder ever getting it back.
I have read that to improve security in Ubuntu a good fix is to make the /home folder tree non-executable by default. This would mean that malware could not run in the /home tree without changing the setup.Is this a viable change, or is it just icing on the cake, any one any thoughts on this.
MySQL gets installed with root user by default, root user can administer every mysql database installed in the system. Question is how to create a new user that will not be able to administer all the databases in the system the way as root user is? Can it be done using webmin?
I'm trying to change the autoplay value in an .inf file that is embedded in my western digital MyBook; but I can't get past the read only property no matter what I try.
I have an external hard drive which has the mac os filesystem (hfs+) and it is read-only. I was trying things like 'sudo chmod 777 /path/to/my/drive' or 'sudo chmod -R u+w /path' but it wasn't working.
I just want to be able to have write permissions, anyone know how?
for some reason i am not allowed to change the permissions on my hhd i have a 3G partitioned off of it but i cant acess the other 290G what i can do to get permission
my HD is partitioned in 3 volumes. The one witch is Ubuntu installed, I can change the permissions normally. The other ones I try to change the permissions on the properties and on terminal using chmod, but none of those work. They work only in the Ubuntu partition.
I have Ubuntu 10.10 and mythtv. I am trying to get recordings to appear in "watch recordings". I went to var-lib-mythtv-recordings to watch a recording. It wont play so I checked the properties and permissions. It says "You are not the owner, So you cannot change these permissions" I'm logged in as adminastrator and I'm the only one with access to this computer. I cant find a way to change the permissions.
Recently I installed ubuntu 10 on my machine. Installed using windows installer and it is installed in one of the windows drive. It didnt asked me for root password, so i used sudo -i to become a root user.
now when i was trying to execute a file named all.bash [URL].. using ./all.bash but it says permission denied error. I saw that the file have only read and write permission. I tried to change the permission by using chmod u+rx all.bash but it does nothing. Is there any way to change the permissions.
how to use permissions. I ran into a weird problem in which I am unable to change permissions as root. I have a file I've been testing commands on, and somewhere along the line I think I gave it zero permissions. Now I'd like to restore some permissions, but can't. Here's what I'm looking at:
Code: jeremy@jeremy-laptop:~/test$ ls -l total 16 -rw-r--r-- 1 jeremy jeremy 235 2011-05-17 13:15 onelink -rwxr-xr-x 1 jeremy jeremy 27 2011-08-02 18:05 threecopy -rwxr-xr-x 1 jeremy jeremy 27 2011-05-09 17:10 three.txt
I am trying to figure out how to change the permissions on Wine, so that the only thing the users on this computer can do is access the programs on Wine that are already installed. Here's what I did already:
- Accessed Home Folder - Accessed 'Hidden' folder called '.wine' - Right Clicked on 'dosdevices' and changed permissions to 'Access Only' - Right Clicked on 'drive_c' and changed permissions to 'Access Only'
Now I need to know how to set these permissions in order to lock them permanently. Keep in mind that I am a newbie and may not understand in depth lingo regarding the terminal.
