> To: debian-user lists.debian.org
> Subject: Re: group permissions (was chroot ssh and ftp)
> From: Chris Davies
>
> Chris wrote:
> The problem with this is that you're making files executable. Personally
> I think you'd be better off just fixing just the professors' home
> directories.
Do you mean in the script (professor branch) something like:

    chown $USU:professor $USU
    chmod go= $USU

This way one professor cannot see each other's dirs, but inside home a file would be created (and stayed) like:

    rw-rw----

Right? Don't need the -R.

> > chmod g+s sam simon sony
> Again, here you're making files executable, and you'd be better off just
> tweaking the group and other permissions:
>     find sam simon sony -type d -exec chmod g=rwx,o= {} \;
>     find sam simon sony ! -type d -exec chmod g=u,g+r,o= {} \;

Nice touch. I changed the script to:

    if groups $USU | grep -q alumini; then
        #echo Cleaning $USU, student.
        chown -R $USU:student $USU
        find $USU -type d -exec chmod u=rwx,g=rwx,o= {} \;
        find $USU ! -type d -exec chmod u+r,g=u,g+w,o= {} \;
    else
        #echo Cleaning $USU, professor.
        chown $USU:professor $USU   # not recursive
        chmod u=rwx,go= $USU        # not recursive
    fi

> the student user may want to have removed write permission from their own
> access, so I would be inclined to honour that with something like this:
>     chown -R g=u,g+rw,o=

Yes, thanks. I just add that students can wrongly do a u-r, so I added a u+r. Will this sequence work?

    u+r,g=u,g+w,o=

I thought to add r to users, then copy r and possible x to groups, then add w to groups. I believe it's ok, isn't it?

> As I've suggested earlier, you probably don't need to tweak any of
> the professors' files, but just enforce 0700 on each professor's home
> directory.
> Chris

Yep! Great.

Thanks,
Beco

--
Dr. Beco
A.I. research, Cognitive Scientist and Philosopher
Linux Counter #201942
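The clause sequence asked about in the message, traced over several starting modes. This is an added example, not part of the original post. The helper name apply_mode is hypothetical, GNU stat (as on Debian) is assumed, and the clauses from the quoted suggestion are applied here with chmod.

```shell
#!/bin/sh
# Added illustration: shows what each symbolic-mode sequence leaves on a
# regular file, for a range of starting permissions.
# Assumes GNU stat (stat -c), as shipped on Debian.

# apply_mode START CLAUSES
# Create a scratch file, set it to octal mode START, apply the symbolic
# CLAUSES with chmod, and print the resulting octal mode.
apply_mode() {
    _f=$(mktemp) || return 1
    chmod "$1" "$_f" && chmod "$2" "$_f" && stat -c '%a' "$_f"
    _rc=$?
    rm -f "$_f"
    return "$_rc"
}

SEQ='u+r,g=u,g+w,o='   # sequence from the message (student, non-directories)
ALT='g=u,g+rw,o='      # clauses from the quoted suggestion

# Print a small table: starting mode, clauses, resulting mode.
# 200 models a student who ran "chmod u-r"; 444 models a file the
# student deliberately made read-only.
demo() {
    printf '%-6s %-16s %s\n' start clauses result
    for start in 644 755 444 200 000; do
        for clauses in "$SEQ" "$ALT"; do
            printf '%-6s %-16s %s\n' "$start" "$clauses" \
                "$(apply_mode "$start" "$clauses")"
        done
    done
}

demo
```

chmod applies the clauses left to right, so `g=u` copies whatever the owner holds at that point, including `w`, and `g+w` then adds group write even when the owner has none (444 becomes 460). Other never keeps any access, and the execute bit is carried to the group only where the owner already had it.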