?
Solved

Granting a group rights to access a particular directory?

Posted on 2004-04-13
5
Medium Priority
?
292 Views
Last Modified: 2013-12-04
I would like to know how to add a user to a group. And then, grant that group access or rights (rwx) to a particular directory.

My problem is that I have many different remote users who need to use ftp to add and remove files from many different directories.  These directories are websites or they hold the files that make up the website. I don't want the users to be able to access each others directories.  I would like to know how to create the user, set\restrict the path to a particular directory for that user.  Create a group that has rwx previlages to that directory.  Add the user to that group.  In some instances I have four or five users who need access to the directory.

The o/s is Solaris v5.6. The web server is Apache.  I'm familar with the useradd, groupadd, chmod, commands, the startup files /etc/profile, /export/home/username/.profile.  I've read about the umask, setuid, and setgid commands.

I'm an old Netware hand v2 through 6, but I'm really struggling on the Unix platform with what is such a simple task in Netware.
0
Comment
Question by:mobot
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 2000 total points
ID: 10818730
Let's say you have a group called 'webadm' and users default group is 'other'.

You add all the users you want to add/remove files in the various directories to the webadm group using the groupadd command (or just vi /etc/group)

Then on the appropriate directories, you

chgrp webadm dirname
chmod g+wxs dirname

The set gid bit (s) ensures that any files created under the directory will have the webadm group.
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836495
and leave o+r for all files and o+rx on directories, so webserver can still access them.
adjust user umasks accordingly so they do not remove public and group access to files
umask is just like file permissions, they denote bits which are not set on fresh files
0
 
LVL 62

Expert Comment

by:gheist
ID: 10836501
default umask usally is 022
change it to 002 so group writes are allowed to new files
0
 
LVL 12

Expert Comment

by:stefan73
ID: 10841403
Hi mobot,
Check ACLs (access control lists). I'm not sure if Solaris 5.6 supports them (I have 2.8 here).

Do "apropos acl".

Check the examples in
http://www.cs.indiana.edu/Facilities/software/ACL.html
http://snap.nlc.dcccd.edu/reference/sysadmin/julian/ch18/413-416.html

Cheers,
Stefan
0
 

Author Comment

by:mobot
ID: 10847626
many thanks to all your help is much appreciated.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
OfficeMate Freezes on login or does not load after login credentials are input.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month14 days, 18 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question