Jump to content

block access to user's home folder [solved]


Trio3b
 Share

Recommended Posts

Not sure if this is technically networking, but would like to block access to one user's home folder on the same PC. I have poked around with permissions, ownership, sharing, etc. Google returns file sharing between Windows and linux which is NOT what I'm doing.

 

Under Konqueror's navigation bar in home folders:

 

when logged in as user1, user1 has no access to user2 home directory

when logged in as user2, user2 has complete access to user1 home directory and subfolders.

 

I want user2 to have access to his own folders but no access to user1 home folder.

 

In addition to access to his own (user2) home folder, I want to block access to 3 of the subdirectories, but no luck. I thought about encryption but it seems excessive.

 

 

Any help appreciated.

 

 

[moved from Networking by spinynorman]

Link to comment
Share on other sites

I see it marked as solved, so you want to let us know how you did it? This will help anyone else who might have the same problem who searches here, will find your answer to help them.

Link to comment
Share on other sites

I use [solved] very loosely in that I am still somewhat new to sharing and assumed that I could share some user1 directories so as to have access by user2 (on the same mdv2008 PC). However, due to my inexperience, I was having issues where I could not setup scanning (xsane) from user2 to the 3 folders in user1 directories. So I decided to just copy the 3 folders into user2 home folder and let user2 scan into them.

 

Now I still had a problem in that there are several folders nested in these 3 main folders that I do not want user2 to have access to, so I just individually selected these nested folders, changed ownership and rights back to user1, and that seems to have done the trick. Maybe this was the messy way to go about it, but will give it a go and report back.

 

Thanks

Edited by Trio3b
Link to comment
Share on other sites

I would do it in this way:

 

Firstly, set the users rights similar to this:

 

[ian@elise ~]$ ls -l /home
total 8
drwx------ 29 ian ian 4096 Mar 15 20:55 ian

 

as you can see, it's only rwx for user level, not for group or system wide. Easy way is:

 

chmod 700 /home/ian

 

for example. Now, once this is done, only that particular user can gain access to that home directory. Now, if I have user Bob that I want access too, and restrict everyone else, I do:

 

gpasswd -a ian bob

 

so that Ian is a member of group bob. Then Ian can see inside Bob's directory. But Bob can't see inside Ian's.

Link to comment
Share on other sites

If Bob had 770 on his directory, in theory I should be able to get inside his directory and see stuff if I'm a member of group bob. If it was just 700, then no, unlikely to get in there.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...