10-20-2014
And you have now set it up so that no user on your system has any private files; every file that they create in any directory on your system will be readable and writeable by every other user in the same group. Fortunately, I use the Korn shell instead of bash, so this wouldn't affect me.
Before you modified everybody'a .bashrc, did you at least warn them that they need to undo what you did or manually chmod every file that they create in any other directory?
Did you consider just asking users in this group to chmod files they create under this shared directory.
Did you consider writing a set-UID application that would allow users in that group to change the mode of any file under that directory (AND ONLY under that direcotry) to something any user in the group could use (and send a note to the offending file's creator and that person's supervisor) when it was needed?
At any company I've ever worked for, what you did would be a fireable offense. Please reconsider this action.
This User Gave Thanks to Don Cragun For This Post:
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello!
I want users in a certain group to be restricted to their home directory. So that they have full access to all files and folders in their home directory but the cant go to any directory above.
Does anyone know how to do this?
Anders (1 Reply)
Discussion started by: alfabetman
1 Replies
2. UNIX for Dummies Questions & Answers
I accidently reset the permissions of my /home/punkrockguy318 directory to root only. How can I get my punkrockguy318 permissions ( and all of it's contents) to be read/write accesable only to punkrockguy318 and root? (5 Replies)
Discussion started by: punkrockguy318
5 Replies
3. UNIX for Dummies Questions & Answers
Hi
I want to know which profile will be called when a user without home directory is created.
When I created a user without home directory(by setting in /etc/default/useradd), the user is able to login directly into the main "/" folder but with only read permissions.
Thanks
naina (3 Replies)
Discussion started by: naina
3 Replies
4. UNIX for Dummies Questions & Answers
Hello All,
I have a new HPUX system going into production and it will be used by 2 projects. One of the contract requirements is the 2 groups can not have access to the others work or data. I believe I have the system pretty well locked up using groups and permissions and selective mounting of... (2 Replies)
Discussion started by: DanL
2 Replies
5. UNIX for Dummies Questions & Answers
Hi,
I am looking for a shell script (or any other way), that puts a user in a home directory jail. So for example, I have a user named richard and I don't want him wandering outside /usr/users/richard. I don't want him to cd to anywhere including cd ..
Somebody said you can do that with... (3 Replies)
Discussion started by: mz043
3 Replies
6. UNIX for Dummies Questions & Answers
I'm using HPUX 11i. The other day a user logon to the workstation and was not able to find the /home/directory (tom is the directory) I login myself and it is the same thing.
The home directory is on the server, so I was thinking of using sam to map it again. does anyone know how to do it... (5 Replies)
Discussion started by: blizzgamer
5 Replies
7. UNIX for Advanced & Expert Users
My users home directory located in a RHEL 5.0 nfs server.
Client is ubuntu 8.1 using NIS for authntication anf NFS for automounting
home Directory on the client side.
I set 700 to the users home directory.
My problem here is some of the users change the mode, which result in leak of... (2 Replies)
Discussion started by: a_artha
2 Replies
8. Solaris
Hi Guys,
I have a problem with configuring a server. this is a solaris 10 with sparc platform.
I have setup so that the server is Authenticating through NIS but I dont want the server to Mount the Home directories. The users need to logged in through the CDE/display.
I have over 200 users... (2 Replies)
Discussion started by: Luky
2 Replies
9. UNIX for Advanced & Expert Users
RHEL5.0
As we know, when root create a new user, a new home directory will be created : /home/user
I want to know what determine the access permission of /home/user .
Thanks! (1 Reply)
Discussion started by: cqlouis
1 Replies
10. Red Hat
Hi friends,
I must to give ssh connection to own customer.
So I want to lock ssh user on own home directory. It is not necessery to reach other folders. I know that ftp user can lock on own folder but I don't know how to lock ssh user.
I am waitting your kindly helps :D
---------- Post... (10 Replies)
Discussion started by: getrue
10 Replies
LEARN ABOUT DEBIAN
sss_useradd
SSS_USERADD(8) SSSD Manual pages SSS_USERADD(8)
NAME
sss_useradd - create a new user
SYNOPSIS
sss_useradd [options] LOGIN
DESCRIPTION
sss_useradd creates a new user account using the values specified on the command line plus the default values from the system.
OPTIONS
-u,--uid UID
Set the UID of the user to the value of UID. If not given, it is chosen automatically.
-c,--gecos COMMENT
Any text string describing the user. Often used as the field for the user's full name.
-h,--home HOME_DIR
The home directory of the user account. The default is to append the LOGIN name to /home and use that as the home directory. The base
that is prepended before LOGIN is tunable with "user_defaults/baseDirectory" setting in sssd.conf.
-s,--shell SHELL
The user's login shell. The default is currently /bin/bash. The default can be changed with "user_defaults/defaultShell" setting in
sssd.conf.
-G,--groups GROUPS
A list of existing groups this user is also a member of.
-m,--create-home
Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be
defined with the -k option or in the config file) will be copied to the home directory.
-M,--no-create-home
Do not create the user's home directory. Overrides configuration settings.
-k,--skel SKELDIR
The skeleton directory, which contains files and directories to be copied in the user's home directory, when the home directory is
created by sss_useradd.
This option is only valid if the -m (or --create-home) option is specified, or creation of home directories is set to TRUE in the
configuration.
-Z,--selinux-user SELINUX_USER
The SELinux user for the user's login. If not specified, the system default will be used.
-h,--help
Display help message and exit.
THE LOCAL DOMAIN
In order to function correctly, a domain with "id_provider=local" must be created and the SSSD must be running.
The administrator might want to use the SSSD local users instead of traditional UNIX users in cases where the group nesting (see
sss_groupadd(8)) is needed. The local users are also useful for testing and development of the SSSD without having to deploy a full remote
server. The sss_user* and sss_group* tools use a local LDB storage to store users and groups.
SEE ALSO
sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_userdel(8), sss_usermod(8).
AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd
SSSD
03/04/2013 SSS_USERADD(8)