Full Version: block access to user's home folder [solved]
MandrivaUsers.org > Advanced Topics > Security
Trio3b
Not sure if this is technically networking, but would like to block access to one user's home folder on the same PC. I have poked around with permissions, ownership, sharing, etc. Google returns file sharing between Windows and Linux, which is NOT what I'm doing.

Under Konqueror's navigation bar in home folders:

when logged in as user1, user1 has no access to user2 home directory
when logged in as user2, user2 has complete access to user1 home directory and subfolders.

I want user2 to have access to his own folders but no access to user1 home folder.

In addition to access to his own (user2) home folder, I want to block access to 3 of the subdirectories, but no luck. I thought about encryption but it seems excessive.


Any help appreciated.


[moved from Networking by spinynorman]
ianw1974
I see it marked as solved, so do you want to let us know how you did it? That way, anyone else who has the same problem and searches here will find your answer to help them.
Trio3b
I use [solved] very loosely in that I am still somewhat new to sharing and assumed that I could share some user1 directories so as to have access by user2 (on the same mdv2008 PC). However, due to my inexperience, I was having issues where I could not set up scanning (xsane) from user2 to the 3 folders in user1 directories. So I decided to just copy the 3 folders into user2 home folder and let user2 scan into them.

Now I still had a problem in that there are several folders nested in these 3 main folders that I do not want user2 to have access to, so I just individually selected these nested folders, changed ownership and rights back to user1, and that seems to have done the trick. Maybe this was the messy way to go about it, but will give it a go and report back.

Thanks
ianw1974
I would do it in this way:

Firstly, set the user's rights similar to this:

CODE
[ian@elise ~]$ ls -l /home
total 8
drwx------ 29 ian ian 4096 Mar 15 20:55 ian


As you can see, it's only rwx for user level, not for group or system wide. Easy way is:

CODE
chmod 700 /home/ian


for example. Now, once this is done, only that particular user can gain access to that home directory. Now, if I have user Bob that I want access to, and restrict everyone else, I do:

CODE
gpasswd -a ian bob


so that Ian is a member of group bob. Then Ian can see inside Bob's directory. But Bob can't see inside Ian's.
Trio3b
Will try your suggestions as well. Is there a good tutorial on the differences and/or overlap of permissions and file sharing?

Thanks
neddie
QUOTE (ianw1974 @ Mar 15 2008, 09:57 PM) *
so that Ian is a member of group bob. Then Ian can see inside Bob's directory.
Are you sure? You didn't give read rights to the group, did you? Just to the user bob?
ianw1974
If Bob had 770 on his directory, in theory I should be able to get inside his directory and see stuff if I'm a member of group bob. If it was just 700, then no, unlikely to get in there.
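
The 700 versus 770 distinction discussed in this thread can be checked mechanically. The script below is an added example, not code posted by any participant; it assumes GNU coreutils `stat`, and the function names `home_exposure` and `audit_homes` and the temporary demo tree are made up for illustration.

```shell
#!/usr/bin/env bash
# Added example. Assumes GNU coreutils stat (-c). Function names are hypothetical.

# Print who besides the owner has any permission bit on directory $1:
# "private" (e.g. 700), "group" (e.g. 770) or "world" (e.g. 755).
home_exposure() {
    local mode
    mode=$(stat -c '%a' -- "$1") || return 2
    mode=$(( 0$mode ))                    # stat prints octal digits
    if   [ $(( mode & 07 ))  -ne 0 ]; then echo world
    elif [ $(( mode & 070 )) -ne 0 ]; then echo group
    else                                   echo private
    fi
}

# List each directory under base $1 with owner:group, mode and exposure.
# Returns 1 if any directory is reachable by an account other than its owner.
audit_homes() {
    local base="$1" dir exposure rc=0
    for dir in "$base"/*/; do
        [ -d "$dir" ] || continue
        dir=${dir%/}
        exposure=$(home_exposure "$dir") || continue
        printf '%-10s %-14s %4s  %s\n' "${dir##*/}" \
            "$(stat -c '%U:%G' -- "$dir")" "$(stat -c '%a' -- "$dir")" "$exposure"
        [ "$exposure" = private ] || rc=1
    done
    return $rc
}

# Constructed sample tree standing in for /home (names taken from the thread).
demo=$(mktemp -d)
mkdir "$demo/ian" "$demo/bob" "$demo/user1"
chmod 700 "$demo/ian"      # owner only: group members are locked out
chmod 770 "$demo/bob"      # members of the directory's group get in as well
chmod 755 "$demo/user1"    # every local account can list and enter
audit_homes "$demo" || echo "at least one home directory is open to other accounts"
rm -rf "$demo"
```

Run `audit_homes /home` on a real system; for any directory reported as `group`, check the members of the group shown in the owner:group column to see which accounts that covers.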