General :: Give Permission For Users To Log On To Either Of Two Servers?
Apr 5, 2011
a small lab of linux servers contains two servers. the administrator wishes to permit user settings and project files to be available when users log in on any machine descibe the server processes needed on the servers
I am using Fedora 14 64-bit and after login through a user other than root when I try to open any folder on other partitions I get the message that I don't have permission to access such and such folders.
The desktop computer of my two children has a total of three users:
1) The superuser (me) 2) The user 1001 (my elder son) 3) The user 1002 (my younger son)
Both users 1001 and 1002 can not access their files system, and also they can not save any attachments from incoming mails.
What I tried so far: I accessed the file manager as superuser, and went: >Root>Home. Here I right-clicked on the folder User 1001, selected properties, selected the tab 'permissions' and allowed this user to read and write into this folder. I also checked the checkbox �extend this permission to all subfolders and its contents.
The problem is, when I reboot, everything is 'forgotten' and I am at quadrant zero again.
Eventually I should state that part of the folders are from a backup drive, because the hard disk had to be replaced so, once I re-installed the OS on the new hard drive, I copied the folders from the backup drive into the home folder.
One last question: Is there a good tutorial about permissions?
So, I am looking to implement an FTP server with Isolated Client accounts/directories where a client can only access what's in their directory. I also need to provide my internal user's (content managers) the ability to upload, delete, etc from all of the Client accounts. The simple part is creating the secure client accounts. It's a matter of changing DIR_MODE in adduser.conf to 700 or 770, creating a user, having the FTP server chroot them to their home directory, revoke/restrict shell/ssh access and maybe even slap on some ACL to prevent botched permissions.The hard part is figuring out how to give my power users the ability to access all of their folders without thrashing security.
My first thought was to put all of the client user-groups in a parent group and having my internal users inherit group permissions..but you can't have groups inside of groups.My second thought was to put all of the client users in the same group and prey that the FTP chroot is enough to keep them from poking around but then I have the problem of how do my internal users access other user directories if they are chrooted. Do I create a second server without chroot.do I create some weird nested homedir structure..I honestly have no idea how to satisfy both requirements (secure client accounts and privileged user accounts). I need my privileged users to authenticate against Active Directory via Likewise open, LDAP, etc and I don't care how the clients authenticate. Though, I would prefer to have both file and FTP-server level protection just to make sure no one can see the other client's data.
We have a ftp server. Red Hat Linux release 9 (Shrike) working on the this server.Ftp server running very good. But I want to give 2 folder permission an user. Is this ssible?Example,We have a user that name is aslan. I want to connect this user to www/html/company/adek folder with ftp connection. Then I am changing this user home folder in the /etc/passwd as aslan:x:511:511::www/html/company/adek:/bin/bash.This user doing succesfuly ftp connection to this folder with a ftp program as Filezilla.Now, I want to also give a different folder connection this user as www/html/company/meleka.Is This user can be connect this 2 folder with ftp connection? Is this possible? Can i give 2 or any more folder connection at the one user account?
Below is marina, a sales rep, and brian, a super user of sorts. id marina: Code: uid=1011(marina) gid=1006(office) groups=1006(office),1005(sales) id nick: Code: uid=1000(brian) gid=1006(office) groups=1006(office),118(admin),1001(full),1002(processing),1003(management),1004(it),1005(sales)
Below is the directory with all the sales reps folders. ls -la: Code: total 60 drwxrwxr-x 15 root it 4096 2011-02-10 20:06 . drwxr-x--- 9 root office 4096 2010-11-19 12:40 .. drwxrwx--- 13 katya full 4096 2010-12-07 12:36 Katya drwxrwx--- 18 lana full 4096 2011-02-08 17:09 Lana drwxrwx--- 23 marina full 4096 2011-02-10 18:09 Marina drwxrwx--- 4 mike full 4096 2011-02-01 12:42 Mike
With this setup marina only be able to browse her folder, but she can browse all folders and has full write access to all folders. This leads me to believe something is up with the smbd.conf file, which is below.
Code: [global] workgroup = COMTREAD null passwords = no server string = Root Server dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 .....
In this case the valid users directive would not work cause I am not making a share for each user. I had this on other shares like the db2 share. My windows box lagged heavily when I tried to access that share with an invalid user. How to deny users the ability to modify permissions I would also like to do that.
I'm trying to do something like thisi created a group called www and made this group the owner of the directory/var/www/htmlso i can read and write to it.of course I've add my self to this group, but it seems i can't read and write.the syntax i used was something like chown :www /var/www/html.didn't workonly when i used chown samurai:www /var/www/html i could finally could create new file.the reason i don't want to specify the user name is because I'm thinking of a scenario when i need to give permission to a large group of ppl and don't want to do it user by user.
I have a program(that is written by me) which need super user permission to execute it. But I need to let the normal users to execute it without using 'sudo ./executable' and just './executable'. how i can set the program to execute by the normal users without using 'sudo' or password prompting.
There is a folder that is owned by user tomcat6: drwxr-xr-x 2 tomcat6 tomcat6 69632 2011-05-06 03:43 document. I want to allow another user (ruser) write permissions on document folder. The two users (tomcat6 and ruser) does not belong to same group. I have tried using setfacl: sudo setfacl -m u:ruser:rwx document
but this gives me setfacl: document: Operation not supported error.
I am using CentOS release 5.4 ( 2.6.18-164.9.1.el5xen ) and created an HPC cluster by using NIS ( for user authentication ) NFS ( as file system ) and mpich1 as parallel compilers and utilities and TORQUE as job scheduler. I want to make sure all users should use scheduler for job submission and should not submit the job directly ( qsub job.sh ).
I want to prevent all users from executing executable files created by self , from its home directory .
Suppose if a user create an executable a.out and if he tries to execute by ./a.out it should display an error.We should also allow users to execute normal user level linux commands .How can I implement such a set up in my environment
I got myself curious on the possibility to change user's permission to any command, or at least giving other users some command line "power". It all started a few days ago, when another user here, had a problem so that the computer wasn't answering. So, after waiting a while, chose to hit the Reset button and start the computer again. Considering this situation, I thought myself that it would have been better to restart the computer, through command line, on any terminal (F1-F6). Anyway, this user is no administrator, thus wouldn't have permission to use the code...
So, is it possible to let other users to use such commands, in order to safe rebooting the system, without logging as root?
I'm having trouble breaking down permissions in linux. Here's the scenario. I have two users: UserA & UserB with each having to ownership and access to directories myDirA and myDirB respectively.
UserA --> /source/myDirA UserB --> /source/myDirB
I need to set the permissions so that userA can access myDirA and myDirB. There are other users and directories but they should not be able to view outside of their own directories (which is the way it is now). I don't have groups set up for them and I'd rather not change anything else but just the permissions.
rwxr_x_r_x UserA rwxr_x_r_x UserB
They're read/write/exec permissions are identical.
I need to configure software as debian image to work on server. I need to create user who is not root, but being able to change IP (I don't know if administrators who will install my image need to give static IP to it, so I want to create special user role for them being able to change IP but not able to see some restricted folders in the image).
How can I give www-data permission to use sudo? I used to assign permission to users to use sudo using KDE but don't know how to do it on a headless server.Basicly I have a web application running that wants to call a command that needs root privs. When it calls this command it's running as www-data. I guess it's not working as www-data is not allowed to use sudo. If it can use sudo I could for example...Code:echo "password" | sudo -S "some admin command here"I could be wrong but i'm petty sure I just need to give www-data permission to use sudo?
When I start a Kubuntu session, KNetworkManager requires that I type my password to the Wallet before it has permission to connect to the internet. How can I automatically give it permission without entering my password every time?
On Opensuse 11.3,a normal user could not access and modify files in other partitions as the default setting .Is there any way to give a permission to a normal user to do these things instead of do these as a root user?
I'm running WoW through wine. In order to install addons I need to give all the files in the program permission to execute as a program. the problem is I can't (dont know how) just right click the folder and give everything inside permission i have to open each one and give them all permission, which can quickly turn into hundreds depending on the addon. how to give permission to execute as a program to all the files in a folder at once it would save me a lot of clicking and time.
i'm running VirtualBox v3.0.2 on F11x86_64. As my guest in virtualbox i will am using xp sp3. In virtualbox settings i need the use of my serial port (e.g. com1). I have `enable serial port` ticked, port number set to com1, port mode set to host device and port/file path set to /dev/ttyS0. I have done hours of searching and this is the best i have come up with so far. My question is this: How do i give permission for my guest os to use the serial port?
I have my own dedicated server box running (using it for game servers). I access it via ssh and I have root control of it. It has FEDORA Operating System. I wanna give FTP control of different directories to different users. Right now there are no other FTP users except root. I have installed vsftpd and dont know what should I do next? How do I add users (who can read/write/delete files) and How do I restrict them to their home directory?
Here is what I want: username:client1 password:12345 home directory: home/server1 username:client2 password:12345 home directory: home/server2
I just created a 2nd user on my computer. I've got the hard drive that ubuntu runs on, and then a 2tb drive for media. If the 2tb is mounted on my desktop, it won't show up on his desktop even if I'm logged out. It won't show up on his unless I unmount on mine.
If I'm logged out I'm obviously not using it. So why doesn't it show up? He has all privileges. Is there a way to make this work without having to unmount?
I'm running karmic btw. If you need computer info let me know what to type into the terminal and whatnot and I'll paste it all here!