Solved

Granting a group rights to access a particular directory?

Posted on 2004-04-13
5
285 Views
Last Modified: 2013-12-04
I would like to know how to add a user to a group. And then, grant that group access or rights (rwx) to a particular directory.

My problem is that I have many different remote users who need to use ftp to add and remove files from many different directories.  These directories are websites or they hold the files that make up the website. I don't want the users to be able to access each others directories.  I would like to know how to create the user, set\restrict the path to a particular directory for that user.  Create a group that has rwx previlages to that directory.  Add the user to that group.  In some instances I have four or five users who need access to the directory.

The o/s is Solaris v5.6. The web server is Apache.  I'm familar with the useradd, groupadd, chmod, commands, the startup files /etc/profile, /export/home/username/.profile.  I've read about the umask, setuid, and setgid commands.

I'm an old Netware hand v2 through 6, but I'm really struggling on the Unix platform with what is such a simple task in Netware.
0
Comment
Question by:mobot
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 10818730
Let's say you have a group called 'webadm' and users default group is 'other'.

You add all the users you want to add/remove files in the various directories to the webadm group using the groupadd command (or just vi /etc/group)

Then on the appropriate directories, you

chgrp webadm dirname
chmod g+wxs dirname

The set gid bit (s) ensures that any files created under the directory will have the webadm group.
0
 
LVL 61

Expert Comment

by:gheist
ID: 10836495
and leave o+r for all files and o+rx on directories, so webserver can still access them.
adjust user umasks accordingly so they do not remove public and group access to files
umask is just like file permissions, they denote bits which are not set on fresh files
0
 
LVL 61

Expert Comment

by:gheist
ID: 10836501
default umask usally is 022
change it to 002 so group writes are allowed to new files
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10841403
Hi mobot,
Check ACLs (access control lists). I'm not sure if Solaris 5.6 supports them (I have 2.8 here).

Do "apropos acl".

Check the examples in
http://www.cs.indiana.edu/Facilities/software/ACL.html
http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/413-416.html

Cheers,
Stefan
0
 

Author Comment

by:mobot
ID: 10847626
many thanks to all your help is much appreciated.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
OfficeMate Freezes on login or does not load after login credentials are input.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now