Solved

Granting a group rights to access a particular directory?

Posted on 2004-04-13
5
291 Views
Last Modified: 2013-12-04
I would like to know how to add a user to a group. And then, grant that group access or rights (rwx) to a particular directory.

My problem is that I have many different remote users who need to use ftp to add and remove files from many different directories.  These directories are websites or they hold the files that make up the website. I don't want the users to be able to access each others directories.  I would like to know how to create the user, set\restrict the path to a particular directory for that user.  Create a group that has rwx previlages to that directory.  Add the user to that group.  In some instances I have four or five users who need access to the directory.

The o/s is Solaris v5.6. The web server is Apache.  I'm familar with the useradd, groupadd, chmod, commands, the startup files /etc/profile, /export/home/username/.profile.  I've read about the umask, setuid, and setgid commands.

I'm an old Netware hand v2 through 6, but I'm really struggling on the Unix platform with what is such a simple task in Netware.
0
Comment
Question by:mobot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 10818730
Let's say you have a group called 'webadm' and users default group is 'other'.

You add all the users you want to add/remove files in the various directories to the webadm group using the groupadd command (or just vi /etc/group)

Then on the appropriate directories, you

chgrp webadm dirname
chmod g+wxs dirname

The set gid bit (s) ensures that any files created under the directory will have the webadm group.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836495
and leave o+r for all files and o+rx on directories, so webserver can still access them.
adjust user umasks accordingly so they do not remove public and group access to files
umask is just like file permissions, they denote bits which are not set on fresh files
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836501
default umask usally is 022
change it to 002 so group writes are allowed to new files
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10841403
Hi mobot,
Check ACLs (access control lists). I'm not sure if Solaris 5.6 supports them (I have 2.8 here).

Do "apropos acl".

Check the examples in
http://www.cs.indiana.edu/Facilities/software/ACL.html
http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/413-416.html

Cheers,
Stefan
0
 

Author Comment

by:mobot
ID: 10847626
many thanks to all your help is much appreciated.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question