Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 05 Jul 1997 17:37:16 +0000
From:      Jason Wells <jcwells@u.washington.edu>
To:        Jason McKay <jasonm@homer.webace.com.au>, questions@FreeBSD.ORG
Subject:   Re: Groups
Message-ID:  <3.0.2.32.19970705173716.007adc20@jcwells.deskmail.washington.edu>
In-Reply-To: <Pine.BSF.3.96.970705235338.606A-100000@homer.webace.com.au >

next in thread | previous in thread | raw e-mail | index | archive | help
At 23:56 05-07-97 +0800, Jason McKay wrote:
>
>I have my dial-up users in two groups (users & mailacc) ...
>I wish to make it so, the people in the users group have access to all
>programs in the /usr/local/bin directory.  But the people in the mailacc
>group can't access the programs in the above directory.
>
>How is this possible, do I use chmod?? if so what command parameters.
>I have my dial-up users in two groups (users & mailacc) ...
>I wish to make it so, the people in the users group have access to all
>programs in the /usr/local/bin directory.  But the people in the mailacc
>group can't access the programs in the above directory.
>
>How is this possible, do I use chmod?? if so what command parameters.

You need to use two commands. Chmod to set the permission. Chown to set the
ownership. 

Use chown the set the group ownership of /usr/local/bin to "users". Then
use chmod to set the "group" permissions for /usr/local/bin to group
readable and executable. You must also set the "other" permission so that
all other users (including mailacc) are excluded from this directory. If
you fail to exclude the "other" users then you are defeating your purpose.

Administrative note: You should change all the permissions and ownerships
of the files within the directory as well. Use the -R operator to do this
quickly. 

This will make the directory accessible to people in group "users" so that
they may read and execute. You may choose to give them power to write as
well. I dare say that you will choose against this to keep folks from
messing with the binaries that your other users need.

Since no one of the "other" users can gain permission, the group mailacc
will not have this access.

See man chmod and man chown for the specific syntax.

Later,
Jason Wells





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.2.32.19970705173716.007adc20>