Security :: Setting Permissions On Different Groups?

Nov 26, 2010

We are a school and we share a samba folder with students and teacher groups. What we are trying to do is:

- Give students group users the permissions to rwx own files in folder

- Students must not be able to do anything with others files. I mean nothing so, at most, they could see the files in folder but not read it.

- Teachers can do anything with files in folder

As you can imagine, the idea is that students deliver their exams in that folder without the ability to read/copy the other students files. With sticky bit we can restrict students permissions to their own files, that is ok, but how to restrict all the permissions on other students files without restricting student access to that folder?

View 1 Replies


ADVERTISEMENT

General :: Setting Permissions For Specific User And Groups?

May 25, 2010

i wonder, why nobody has written about it ...

How can i grant permission for files to specific user or specific group ??

Updated:

We have 3 groups: "g12" ("u1" and "u2), "g34" and "g56".

"g12" should only read the file.

"g34" should write and read it.

"g56" should have all permissions (rwx).

And others should not access the file at all.

View 3 Replies View Related

Security :: Setup File Permissions For Multiple Groups/users That Use Windows?

Nov 2, 2010

I have a remote directory shared over NFS called tech with perms set as 0750 and owner set to root:tech. I have 2 groups: tech, and techAdmin. tech can read and execute within tech/. techAdmin can read, write, execute. I have 4 users: user1, user2, user3, user4. user1 and user2 is a member of techAdmin, user3 and user4 are members of tech. simple so far...but wait here's the problem. If user1 creates a file inside tech, user2 cant read or modify it because user1 owns it. Here's a few sites that reference this problem:

[code]....

View 4 Replies View Related

Security :: Set Permissions For Multiple Groups To Have Different Levels Of Access To One Group Of Files?

Feb 5, 2010

I am setting up a samba server to operate in a windows AD domain. I want to set permissions for multiple groups to have different levels of access to one group of files, and it looks to me like unix permissions will not do that? I always hear about how robust linux is, and it seems to me that their file permissions model is WEAK compared to microsoft's?

View 2 Replies View Related

Ubuntu Security :: Setting Permissions For Www User Only?

Mar 19, 2010

I wanna make a small web server for local use , I've installed apache, every thing works fine I'm the root

I wanna protect the folder that contain the htdocs files (www), i don't want any users that not in root group to access (not even read)

I changed the permission of the htdocs folder as next

Owner: www (apache user)
per: creat , delete
group: root
per: creat , delete
other: none

it only works on the main folder that i changed its permissions ! not all sub folders and files ! were my steps right ? and are their anyway to change all folders and files at once ?

View 4 Replies View Related

Ubuntu Security :: Tight Guest Permissions Setting

Feb 23, 2010

one thing i can't seem to be able to do is give the guest account just these permissions: using firefox (or other browser) and using one file directory and using a text editor. means the guest can browse the net and sefe some infos form that - nothing more. the previous version had something like that, it was really easy for me, a noob, to do it with two or three clicks. if this possibiility exists, what to do. if it's not implemented... maybe it should be. 'cause many people let others use the computer but don't want any complications...

View 6 Replies View Related

Server :: FTP Permissions For Several Groups?

Aug 1, 2010

I have a FTP server (vsftpd), and would like to setup different file permissions for different groups:

-"ftpusers" group should only be able to browse and download.

-"ftpadmins" group should be able to browse, download, AND WRITE (RNFR, RNTO, MKDIR....).

Let's say my main directory is /var/ftp/docs/. It should be accessible by "ftpusers" group, but only writeable by "ftpadmins" group. Other groups or users may not access it. Which permissions and ownership should I give? My problem is that the dir can't be owned by two groups...

View 2 Replies View Related

Fedora :: Strategy To Set Up Groups And Permissions

Nov 12, 2009

I'm setting up a Fedora 11 server for the company of one of my friends. So far so good. But now he has asked me to setup access restrictions to folders through samba. Now I'm quite familiar with user access policies, even though I'm quite new to the GNU/Linux world. What I want to know is : what is the best way to give and remove, on the go, rwx access for a specific user to a certain folder in a linux system? Can I create groups for each folders, whose members will have the given permissions? Or do I have to create users for each folder and add to their group the user witch i want to give privilege to?

View 5 Replies View Related

Security :: Setting File Permissions For File /var/log/Xorg.0.log?

Jul 7, 2009

i am trying to set the file permissions for the log files "/var/log/Xorg.0.log" and "/var/log/gdm/:0.log". These files seem to be created when a user logs into a whokstation (my guess so far). I am trying to comply with a security mandate that all log files in the directory /var/log are set to 0640. The two mentioned files always seem to have the permissions 0644, does anyone know where and when these filea are created and how I might set the permissions when the files are created

View 1 Replies View Related

Debian :: Users / Groups Setup And Permissions

Jul 13, 2010

I am used to setting up users and groups on my daughters computers with Ubuntu installed.
user: magz (daughter)
user: nigel (me)
group: nima

We each have our own folder for files i.e. magz and nige. This has always worked well and it didn't matter which user is logged in we could create and access files in the other users folder with full permissions.
root@nbsq: /media/2xfi/files# ls -l
total 8
drwxrwxr-x 9 nigel nima 4096 Jul 13 09:45 magz
drwxrwxr-x 3 nigel nima 4096 Jul 13 09:45 nige

I have finally got around to getting her to try Debian which I always use, however I have never had to set up users, groups etc in Debian (squeeze) so I just did what I'm used to with Ubuntu. What I've found is that if I create a folder while I am logged in then that folder cannot be accessed by my daughter when she is logged in and the same applies if she creates a folder then I cannot access it when I am logged in, unless of course I use terminal to change the owners. In each case with the new folder the owner will be: root and the group will be: root. I would have thought what works for Ubuntu would work for Debian, however there must be differences.

View 13 Replies View Related

General :: Set 5 Groups Diffrent Permissions To A Folder?

Nov 13, 2010

i have 5 groups, i want to set 3 of them to have full permissions to a folder and set 2 others with read only to same folder, please help me to solve this problem. in other words i want to set this 5 groups diffrent permissions to a folder.

View 14 Replies View Related

General :: CGI Script - Groups And File Permissions

Jun 6, 2011

I am having problems with groups and file permissions. I have a file owned by myself

Code:
-rw-rw-r-- 1 diblemar users 2.1K Jun 3 06:02 /cluster/shared/Injects/1404_1405_1000033606_79964.return.xml

I want to modify the file using a cgi script running on an apache server (on the same machine). Both diblemar and apache are in the same group.

Code:
apache:x:48:diblemar

However, I receive a file permissions error when I try to modify the file. I assumed that with the permission settings above apache would be able to modify a file owned by someone else in the apache group.

View 5 Replies View Related

Red Hat / Fedora :: Users In Multiple Groups And File Permissions?

Feb 12, 2009

this directory has permissions 750 and is owned by user1 and group user1 I have an admin user that is primarily a part of group admin, but also a part of group user1 what would stop admin from having read and execute permissions on this directory? I'm running clamav and have a clamd daemon running as user admin (I could run it as any user, and I may make a special user later, but I don't want to run it as user1, user2, etc).

I have 2 (technically lots more, but let's just say 2 for now) users, user1 and user2 that have home directories /home/user1 and /home/user2. each is owned and group owned by user1:user1 and user2:user2 respectively with permissions of 750. my admin user is part of groups admin, user1, and user2 I need this to be able to scan my user's directories using the command (is this correct?):

clamdscan --move=/files/quarantine/ --config-file=/etc/clamd.d/adm.conf /home/user1/file

doing this gives the error:

/home/user1/file: lstat() failed. ERROR

If I change the directory permissions to 755, it works fine.Or if I leave the permissions 750 and change the directory group ownership to admin, it works fine. So, why would this be? Obviously it is a permissions issue, but why is it not reading admin as part of the user1 group and allowing the same permissions as it does when making the directory group-owned by admin?

View 7 Replies View Related

Slackware :: User Permissions/groups To Access USB Scanner?

Jan 17, 2010

Slackware 13 64 bit Hp Photosmart c4280 USB (All-in-one)

- Printer successfully configured using CUPS

- Scanner only works when I am Root.

- When trying to access scanner as user it says there is no scanner attached.

What should be the groups for this user in order to access the scanner? Actually, they are: haldaemon, disk, audio, video, cdrom, plugdev, power, scanner, lp. Below are the outputs for sane-find-scanner (as both root and user), although, since the scanner works well under root, I am almost sure it is a problem with setting permissions and groups.

Quote:

# sane-find-scanner
# sane-find-scanner will now attempt to detect your scanner. If the
# result is different from what you expected, first make sure your
# scanner is powered up and properly connected to your computer.

[code]....

View 2 Replies View Related

General :: File / Folder Permissions And Groups On Linux With Apache?

Jun 26, 2010

I'm trying to learn about permissions on linux webserver with apache.Some clues to the system: The server I have to play around with is Fedora based. Apache runs as apache:apache. To allow for e.g. php to write to a file the file needs to be chmod 777. 755 is not sufficiant.What I'm wondering is basically how set up permissions like they should be on e.g. a "shared web host".My main problem is that if I set a permission so that one user cannot access anothers home folder, then apache can't read from the public_html folder either.

To keep the users out I need to set chmod 700. But to let apache to read I need to have at least execute on world,so a 701 basically works, but won't let some users in.So I'm really stuck on what to do. Have been concidering adding the apache user to the frous grours
below to avoid having to add the world execute flag, but is that a bad thing? Should it be the other way around, the users in the groups below should also be in the apache group?I was aiming at having 4 groups:

1. webapp: same as dev_int, but is the only one that can go inside the webapp/live folder to e.g. do an update from the repo.

2. dev_int: can read,write and execute everything in the "web root", including the two below, but nothing outside of the web root

3. dev_ext: can read write and execute in all client folders, but cannot access anything outside of the webapp root

4. clientsBasic ftp accounts. Has a home folder with a public_html, but cannot access any other home folders

View 1 Replies View Related

Ubuntu :: Advanced - IT Groups Can Read / Write Files But Others Have No Permissions

Jan 28, 2011

I have a file server running 10.04. I have a user that belongs to 2 groups (users is the primary and IT is the secondary). I have permissions set up so that this user and other users that belong to the IT groups can read/write files and others have no permissions whatsoever. I have also set the umask to 0007 so that any files created have the effective permissions. My concern is this: since my primary group is users, is it possible for me to create files with the owner group IT for only this specific folder?

View 2 Replies View Related

Server :: File Access Permissions - Working With Groups And Users?

Sep 15, 2009

Having set up many windows servers with complex permissions on shared folders, I now have to do the same in Linux (and I'm such a noob to Linux) I understand that each file/folder is assigned a user + group, and that the rights can be set for the user, the group and global (aka everybody else) My challenge is this, inside my shared folder there is a folder that should be RW to some users, READ ONLY to others, and not accessible at all to the rest of the users. (lets call the folder MyFolder ) All 3 groups have more than 1 user, so they have to be groups (right?) How would this model work in Linux ? If there is no other way, I guess I can nest the MyFolder in a folder that has permissions to allow all users that may access MyFolder, and block the rest, then on MyFolder, set owner group the RW users, and set global to READ ONLY.

Ps : The server I'm setting up runs Debian Lenny, files will be accessed from windows workstations using samba.

View 2 Replies View Related

Software :: Webmin Dansguardian Setting Up Multiple Groups Gives Error

Mar 10, 2010

I am running Webmin Squid and Dansguardian. Works great. Trying to set up multiple groups now. In the Dansguardian module it has an icon to set up lists and configs for multiple groups. I click it and I get the following:
Global symbol "$debug" requires explicit package name at /usr/share/webmin/dansguardian/setupfiltergroups.cgi line 114.

It repeats this same error message for line 123 138 139 141 302 and 315. I am running Ubuntu 9.10 desktop. Ubuntu is up to date. Not sure if I need another package or not? When I installed Webmin, I installed apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl when I set it up, so I am not sure if I need another module or anything to help with the error?

View 2 Replies View Related

General :: Samba File Permissions For Multiple Groups In The Same General Path?

Nov 4, 2009

I'm using my Linux (SLES 10) server as a File Server at this point. I need to set File Permissions to nested folders differently to different groups. For example:

homesharedengineering* should be read only for groupA
homesharedengineeringadmin should be read & write for groupB Plus read only for groupA
homesharedengineeringautocad should be read & write for groupC Plus read only for groupA

I've been using Webmin and Putty to set permissions but Putty only allows me the Default Group, it won't allow me to set several groups on the same directory. Webmin seems to allow me to add multiple groups (Webmin --> Others --> File Manager --> Info & ACL tab will provide extended abilities) but when I add multiple groups, they don't seem to take effect? I'm wondering if my setup at the 'Share' level or at the hierarchy of my folder structure (unix based) needs to be set specifically?

View 1 Replies View Related

Ubuntu Servers :: Get A List Of Both The Local Groups And The Groups In The Active Directory?

Feb 4, 2011

I already know of a work around to fix this problem, but I guess my question is why is this not working as expected? I am using a Windows Server 2008 R2 Active Directory for authentication.

I have run auth-client-config for the ldap profile and pam-auth-update. When running getent passwd, I get a list of both the local users and the users in the active directory (with populated information in the Unix schema extension). When running getent group I get a list of both the local groups and the groups in the active directory (with populated information in the Unix schema extension).

Interestingly enough, though, when I run su DOMAINUSER, after the prompt for the password I get an authentication error. In /var/log/auth.log I can see an entry with pam_ldap: missing "host" in file "/etc/ldap.conf". The SRV records in the DNS servers resolve correctly. I've checked this with nslookup and I have seen the records within my zone file. Obviously if the ldap.conf file is working with getent and the ldap server is resolving from the SRV records, it is working fine.

The interesting part is that the Windows Server 2008 R2 AD machine shows in the event viewer that there was a successful authentication, yet the Ubuntu box says no. When I add the host within the ldap.conf file, everything works...getent and the actual authentication, either initial login or su.

[Code]...

View 1 Replies View Related

Ubuntu Servers :: Mapping UNIX Groups To Windows Groups?

Oct 12, 2010

I am currently trying to set up a Samba domain server. In the Samba-HOWTO-Collection I found an
example file.(Point 3.3.3.1) In the explanations of the example below, the author says I need to map UNIX Groups to NT Groups. He writes a shell-script of how one could do it, but when I copy it and then execute it, I get the error:

Bad option: rid=512
Bad option: rid=513
Bad option: rid=514

The other groups do get mapped, just the Domain Admins, Domain Users and Domain Guests dont. This is the shell from the HOWTO:

#!/bin/bash
#### Shell-Skript f ̈r sp ̈tere Verwendung aufbewahren
net groupmap modify ntgroup="Domain Admins" unixgroup=ntadmins rid=512
net groupmap modify ntgroup="Domain Users" unixgroup=users rid=513
net groupmap modify ntgroup="Domain Guests" unixgroup=nobody rid=514

[Code]...

View 2 Replies View Related

General :: LFS /tools/bin/groups Not Displaying Supplementary Groups?

Jun 8, 2010

So i am at the stage of about to install the basic system and am using a derivation of the package management provided by Matthias S. Benkmann. To this end I am using his useradd and groupadd scripts to update the files:

/etc/passwd
/etc/group

My issue is that when I run the commands(created as part of temporary system when installing coreutils):

Code:

/tools/bin/su linux
#then as user
/tools/bin/groups

(here linux is the name of the user) This only returns the user being in the group named after user but not the additional group of 'install' Also, prior to logging in as user, if I use this command as root:

Code:

/tools/bin/groups linux

linux install This then returns that the user is in the correct groups. Lines from relevant files look like:

Code:

#/etc/passwd
linux:x:10000:10000::/usr/src/build:/bin/bash
#/etc/group

[code].....

View 8 Replies View Related

Ubuntu Security :: When Try To Edit Password Via System>Administration>Users And Groups, It Doesn't Work?

Jan 2, 2010

I recently was able to network 2 computers at home and I wanted to make my password more secure. When I try to edit my password via System>Administration>Users and Groups, it doesn't workI am able to edit my user settings. When I change my password I enter my old one and it accepts my new one. Problem is when I try to install programs, login and do other things it only accepts my old password. How can I change my password?

View 3 Replies View Related

Ubuntu Security :: Www-data Security Permissions?

Mar 17, 2010

I'm running Apache2 under uBuntu 9.10. My problem is that I use my own user "wavesailor" to work on my websites. I kept all my sites under /var/www and I set up the security of the directory after following the guidelines.

Code:
sudo chown -R root:root /var/www
sudo chown -R www-data:www-data /var/www/*

[code]...

View 4 Replies View Related

Ubuntu :: Setting Up FTP With Permissions?

Dec 29, 2010

I recently got an old computer to use as a server and I have a whole list of things I want to do on it, but I'm having difficulties.When I installed the server, I installed AMP, FTP, Samba, CUPS, and some other items. I made a user account called 'nessdan' which (currently!) is in these groups:

www-data adm dialout cdrom plugdev lpadmin sambashare admin

The www-data group was added because I wanted to FTP my site files into '/var/www/' . Okay, that ended up working out for me. This is where things got sticky. I installed PHPMyAdmin and the files went to '/usr/share/phpmyadmin/' . I wanted to install a new theme so I downloaded it onto my Laptop, then logged in via FTP but couldn't transfer files into there! It turns out the folder was owned by 'root' and was in the group 'root'. The only thing I could come up with was to change that folders permissions so the owner was 'nessdan' and the group 'admin'. I was going to do that to the entire /usr/share/ folder but I didn't know whether or not I should be changing the permissions in the first place.

But the the trend continues! I have my print server setup and working but I wanted the server to hold the Windows drivers, so I went to '/var/lib/samba/' to do some work but noticed that a lot of the files' permissions were locked down to read only and the owner and group were 'root' . I ended up doing a 'chmod 775' and changing the owner and group to 'nessdan' and 'admin', respectively. Well I transfered over the files but now the service nmbd isn't working. The good news is, I expected to mess something up along the way and had already planned on reinstalling Ubuntu Server 10.10. I've only had the server for 4 days now and I knew from the beginning I'd be wiping it clean. I want to know how to set this thing up proper and the biggest problem is getting access into folders so I can FTP into them.When I do wipe my PC clean and start anew, how should I go about the changes that I did before (PHPMyAdmin, Samba Driver Folder)?

View 2 Replies View Related

General :: Setting Permissions On Unzip?

Apr 2, 2010

I wanted to assign ownership of my choice to my zip file while unzipping so I am using the command:

unzip yourfile.zip|awk -F": " '{print $2}' | xargs chown user.group

I also want to give 705 permissions to all directories and 777 to all files on unzipping?

View 3 Replies View Related

Ubuntu :: Setting Permissions On A Partition

Nov 29, 2010

I have just formatted a partition that had contained a windows OS, it is now formatted to ext4 and is dev/sda1 dev/sda2 contains my Ubuntu OS and all files although the empty partition shows up in Nautilus I cannot write to it as it is owned by root.I have done some research on changing the permissions on this, but am none the wiser!!

Enabling the root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent root login, the best alternative is to simulate a root login shell using the following command.I cannot find gksudo and do not know what commands to use in the terminal to achieve my goal. I am in totally unfamiliar territory here, and need some fairly simple explanation and guidance to be able to claim my empty partition so I can read from and write to it.

View 7 Replies View Related

Red Hat / Fedora :: Setting Group Permissions?

Feb 27, 2010

i am trying to finish up a lab in that i have i have some accounts created under groups called "mgmt" and "pl". I am trying to figure out how i can get the guys in "mgmt" to be able to modify files in a directory called "mgmt-final" but the guys in the group "pl" will only be allowed to read those files.

View 5 Replies View Related

General :: Freenas Setting Up Permissions

May 29, 2010

I have set up freenas with 3 1tb hard drives. I have set up the SMB shares for the drives and can view each shared drive from each of the machines on my network. I can copy files from the hard drives, on the freenas but when I try to copy a file to the Freenas hard drives I get a message that I need permission to do this. I have all my shares set as anonymous how do I change the permissions so that I can save files to the drives.

View 1 Replies View Related

General :: Setting Permissions For UGO In One Command?

May 20, 2011

'the command I would use to change the group permission to write and the user and other to read and execute for the file "generate-report"' Sounds simple enough but I cant get it to work at all, tried doing a search in google and on the forums here to no avail. Is it possible to do in one command or will I need two?

Ive tried:

chmod g+w, uo+rx generate-report

And numerous other variants all with no luck.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved