Solved

Granting a group rights to access a particular directory?

Posted on 2004-04-13
5
290 Views
Last Modified: 2013-12-04
I would like to know how to add a user to a group. And then, grant that group access or rights (rwx) to a particular directory.

My problem is that I have many different remote users who need to use ftp to add and remove files from many different directories.  These directories are websites or they hold the files that make up the website. I don't want the users to be able to access each others directories.  I would like to know how to create the user, set\restrict the path to a particular directory for that user.  Create a group that has rwx previlages to that directory.  Add the user to that group.  In some instances I have four or five users who need access to the directory.

The o/s is Solaris v5.6. The web server is Apache.  I'm familar with the useradd, groupadd, chmod, commands, the startup files /etc/profile, /export/home/username/.profile.  I've read about the umask, setuid, and setgid commands.

I'm an old Netware hand v2 through 6, but I'm really struggling on the Unix platform with what is such a simple task in Netware.
0
Comment
Question by:mobot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 10818730
Let's say you have a group called 'webadm' and users default group is 'other'.

You add all the users you want to add/remove files in the various directories to the webadm group using the groupadd command (or just vi /etc/group)

Then on the appropriate directories, you

chgrp webadm dirname
chmod g+wxs dirname

The set gid bit (s) ensures that any files created under the directory will have the webadm group.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836495
and leave o+r for all files and o+rx on directories, so webserver can still access them.
adjust user umasks accordingly so they do not remove public and group access to files
umask is just like file permissions, they denote bits which are not set on fresh files
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836501
default umask usally is 022
change it to 002 so group writes are allowed to new files
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10841403
Hi mobot,
Check ACLs (access control lists). I'm not sure if Solaris 5.6 supports them (I have 2.8 here).

Do "apropos acl".

Check the examples in
http://www.cs.indiana.edu/Facilities/software/ACL.html
http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/413-416.html

Cheers,
Stefan
0
 

Author Comment

by:mobot
ID: 10847626
many thanks to all your help is much appreciated.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question