08-29-2006
Can I prevent a user from changing the permissions on their home directory.
Hello All,
I have a new HPUX system going into production and it will be used by 2 projects. One of the contract requirements is the 2 groups can not have access to the others work or data. I believe I have the system pretty well locked up using groups and permissions and selective mounting of RAID partitions. However the one problem I see that I can not figure out:
Is it possible to prevent a user from changing the permissions on their home directory?
If I set the permissions at 750 the other group can not access the files. However if the user/owner decides to change them to anything more laxed, like 755, then the other group will have access to any proprietary data.
I realize that changing the permissions will most likely be a deliberate act, but I do have a couple of user that are rather lax in following the rules.
Thanks in advance for your responses.
Dan L.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
So I need to change the permissions of my user account. I can
access the root account on the server, but don't know how to
change the permissions of my user account. I was advised to
try 'userconf' to see if I am part of a group, but I dunno how that works. ANyone who knows how to see the... (3 Replies)
Discussion started by: achink125
3 Replies
2. UNIX for Dummies Questions & Answers
I accidently reset the permissions of my /home/punkrockguy318 directory to root only. How can I get my punkrockguy318 permissions ( and all of it's contents) to be read/write accesable only to punkrockguy318 and root? (5 Replies)
Discussion started by: punkrockguy318
5 Replies
3. UNIX for Dummies Questions & Answers
Hi everyone.
My objective is to configure a Solaris 10 box as follows: There will be many simultaneous users connecting to it, and each of those users would automatically get a home folder.
For example, when I add user "Bob", the home folder would be /export/home/Bob
And for Mary, it's... (3 Replies)
Discussion started by: EugeneG
3 Replies
4. Shell Programming and Scripting
Hello All:
I have an LDAP server that is used for authentication. Now the home directory id set to : /export/home/user1 . But I am logging in to different machines Solaris, Linux. The problem is I want the home directory to change depending on the os version (e.g. /export/home/user1/linux). Can... (1 Reply)
Discussion started by: disturbe_d
1 Replies
5. UNIX for Advanced & Expert Users
My users home directory located in a RHEL 5.0 nfs server.
Client is ubuntu 8.1 using NIS for authntication anf NFS for automounting
home Directory on the client side.
I set 700 to the users home directory.
My problem here is some of the users change the mode, which result in leak of... (2 Replies)
Discussion started by: a_artha
2 Replies
6. UNIX for Dummies Questions & Answers
Hi, Im getting this annoying problem on file permission when I copy a folder to a mounted external directory. the files inside the copied folders become all executable. I tried to search for ways how to undo the permission over the web but to no avail.
tried this one but it doesnt change a... (2 Replies)
Discussion started by: ida1215
2 Replies
7. Solaris
Hi ,
on my Solaris 10 machine user's home directory ownership is being changed automatically to their UID. can any one please tell me whats the reason behind it .
users are there in /etc/passwd file . /etc/shadow file is also there along with nssswitch.conf file and there is no changes made to... (5 Replies)
Discussion started by: usernew
5 Replies
8. Shell Programming and Scripting
Hi could some let me know how to prevent user from changing his home directory.......
Thanks in advance.... (1 Reply)
Discussion started by: Revanth547
1 Replies
9. Shell Programming and Scripting
Hi could some let me know how to prevent user from changing his home directory.......
Thanks in advance.... (6 Replies)
Discussion started by: rahul547
6 Replies
10. UNIX for Advanced & Expert Users
Hi,
I have created a shared directory on /home, where all users on a certain group have read, write and execute permissions.
I did this using
chmod -R g+rwx /home/shared/
The problem is, when a particular user creates a directory within /home/shared, other users are not able to write to... (8 Replies)
Discussion started by: lost.identity
8 Replies
LEARN ABOUT DEBIAN
cgcreate
CGCREATE(1) libcgroup Manual CGCREATE(1)
NAME
cgcreate - create new cgroup(s)
SYNOPSIS
cgcreate [-h] [-s] [-t <tuid>:<tgid>] [-a <agid>:<auid>] [-f mode] [-d mode] -g <controllers>:<path> [-g ...]
DESCRIPTION
The command creates new cgroup(s) defined by the options -g.
-a <agid>:<auid>
defines the name of the user and the group which own the rest of the defined control group's files. These users are allowed to set
subsystem parameters and create subgroups. The default value is the same as has the parent cgroup.
-d, --dperm=mode
sets the permissions of a control groups directory. The permissions needs to be specified as octal numbers e.g. -d 775.
-f, --fperm=mode
sets the permissions of the control groups parameters. The permissions needs to be specified as octal numbers e.g. -f 775. The
value is not used as given because the current owner's permissions are used as an umask (so 777 will set group and others permis-
sions to the owners permissions).
-g <controllers>:<path>
defines control groups to be added. controllers is a list of controllers and path is the relative path to control groups in the
given controllers list. This option can be specified multiple times.
-h, --help
display this help and exit
-s, --tperm=mode
sets the permissions of the control group tasks file. The permissions needs to be specified as octal numbers e.g. -f 775. The
value is not used as given because the current owner's permissions are used as an umask (so 777 will set group and others permis-
sions to the owners permissions).
-t <tuid>:<tgid>
defines the name of the user and the group, which owns tasks file of the defined control group. I.e. this user and members of this
group have write access to the file. The default value is the same as has the parent cgroup.
FILES
SEE ALSO
cgrules.conf (5) cgexec (1) cgclassify (1)
Linux 2009-03-15 CGCREATE(1)