file system security- unable to access

Hi,

I have assigned a+rwx permissions on a directory, the other users are still unable to access this directory. they get permission denied msg. i tried adding those users in to my group, still no luck. I am running RH 7.3. Any clue? Thanks.

SD
iitAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

chris_calabreseCommented:
Exactly what is the operation that is not working?
o cd to the directory
o ls the directory
o create a file in the directory
o remove a file in the directory
o etc.
0
iitAuthor Commented:
test case1:

logged in as user1
chmod a+rwx /home/user1/dir1

su user2
cd /home/user1/dir1
it gives permission denied.

test case2:
logged in as user1
cd /home/temp/dir1
su user2
ls <-- works

once i am in the directory it works. but cd to that directory , creating a file, ls , rm doesn't work outside from that directory.

Thanks for looking in to it.
0
ahoffmannCommented:
is /home/user1/dir1 or /home/user1 a mount point?
0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

iitAuthor Commented:
No.

I gave even read permisson to the parent directory of dir1, /home/user1. It still didn't work. Thank you.
0
ahoffmannCommented:
try with:
  su - user2
0
mbarbosCommented:
Am I getting something wrong ?

By default /home/user has permissions rwx------. So you can't cd in that directory if you are not that user.
0
mbarbosCommented:
Oh, you need execute permission in order to cd into a directory. read is needed for ls
0
iitAuthor Commented:
ahoffmann, No, it didn't work. using su - user2 just took me to home directory of user2 /home/user2

mbarbos,

/home/user1/dir1 is the directory i am trying to access as user2. As user1 i have given permissions
"chmod -R a+rwx dir1" dir1 has full permissions?

as user1 i moved to /home/user1/dir1
then su user2 <-- successful login leaves you in the same directory, /home/user1/dir1
All operations works now. So, when am already in dir1 it works as expected.

cd <-- cd's to /home/user2
then ls /home/user1/dir1 gives permission denied.

When user2 is in dir1 it works correctly.
0
iitAuthor Commented:
ahoffmann, No, it didn't work.

Comment:

I mean su - user2 didn't work differntly from su user2 with regads to permissions. it has changed my directory to /home/user2 when did su - user2, where as su user2 leaves me in the directory where i am before.
0
mbarbosCommented:
That's what I said. Users ar not allowed by default to access other users home directory. So user 2 cannot cd to anything in /home/user1

You have to give x access to /home/user1 to user2 if you want user2 to be able to access anything below /home/user1

x (execute) access to a directory means cd right ot that directory.

try chmod +x /home/user1 :)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
iitAuthor Commented:
Thanks, it works now.

I assumed i just need to give to the directory the other user accesses and not necessarily the parent directory. when i give it to /home/user1 it works.
0
mbarbosCommented:
That's not the case. Basically, the directory tree is followed (according to the path in the command) and and rights are evaluated at each step. At least that's waht I know, I might be wrong.

Anyway, allowing any rights into somebody's home directory is wrong. The home directory is supposed to be private and when you start doiung things like that you usually end up (in time, at least) giving everybody rwx on that directory.

What you should probably do, is to creat a directory outside the /home hierarchy, create a group, make user1 and user2 members of that group and grant rights on that hierarchy to the group. But you might want to play also with the other directory flags (it can be entertaining sometimes ;-).

Thanks, for the points and excuse the lecture :)
0
mbarbosCommented:
I'll start proof reading my posts in the future :-(
0
iitAuthor Commented:
thanks for the suggestion! I will play with permissions settigns and see if i can prevent other users seeing my home directory.

But, i am still confused. when am inside the directory dir1 and do an su user2 it works, am able to  do all sorts of operations. As long as i am in it, it works. but trying to come in to that directory doesn't work.

0
mbarbosCommented:
That's because you are already there. The right to cd into that directory doesn't matter since you are not changing the directory again. You are missing the x , which means you are not allowed to change into that directory but it doesn't mean that you are not allowed to read or write in that directory.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Security

From novice to tech pro — start learning today.