Solved

Granting a group rights to access a particular directory?

Posted on 2004-04-13
5
289 Views
Last Modified: 2013-12-04
I would like to know how to add a user to a group. And then, grant that group access or rights (rwx) to a particular directory.

My problem is that I have many different remote users who need to use ftp to add and remove files from many different directories.  These directories are websites or they hold the files that make up the website. I don't want the users to be able to access each others directories.  I would like to know how to create the user, set\restrict the path to a particular directory for that user.  Create a group that has rwx previlages to that directory.  Add the user to that group.  In some instances I have four or five users who need access to the directory.

The o/s is Solaris v5.6. The web server is Apache.  I'm familar with the useradd, groupadd, chmod, commands, the startup files /etc/profile, /export/home/username/.profile.  I've read about the umask, setuid, and setgid commands.

I'm an old Netware hand v2 through 6, but I'm really struggling on the Unix platform with what is such a simple task in Netware.
0
Comment
Question by:mobot
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
ID: 10818730
Let's say you have a group called 'webadm' and users default group is 'other'.

You add all the users you want to add/remove files in the various directories to the webadm group using the groupadd command (or just vi /etc/group)

Then on the appropriate directories, you

chgrp webadm dirname
chmod g+wxs dirname

The set gid bit (s) ensures that any files created under the directory will have the webadm group.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836495
and leave o+r for all files and o+rx on directories, so webserver can still access them.
adjust user umasks accordingly so they do not remove public and group access to files
umask is just like file permissions, they denote bits which are not set on fresh files
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836501
default umask usally is 022
change it to 002 so group writes are allowed to new files
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10841403
Hi mobot,
Check ACLs (access control lists). I'm not sure if Solaris 5.6 supports them (I have 2.8 here).

Do "apropos acl".

Check the examples in
http://www.cs.indiana.edu/Facilities/software/ACL.html
http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/413-416.html

Cheers,
Stefan
0
 

Author Comment

by:mobot
ID: 10847626
many thanks to all your help is much appreciated.
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question