need to expand permissions for a user



  1. #1
    Join Date
    Jun 2005
    Posts
    180

    need to expand permissions for a user

    lo there all,
    i have a user that needs to be able to write to many different files that usually only the root user would be able to do.
    for example, i need to be able to write to /usr/lib/python/site_packages to put system wide access to python modules.
    also needs to be able to edit scripts in the /var/www folder owned by www-data
    also need to be able to edit scripts in agi_bin for asterisk and write software that can write files to the asterisk directory.

    so, how do i give said user permission to edit, read, delete etc... files in all of these directories?

    thanks for any tips.

  2. #2
    Join Date
    Jul 2001
    Location
    Fife, Scotland
    Posts
    1,794
    Could put them into separate group(s) and then add the users to those permissions, that is all. Could use loads of groups, but it gets a bit messy.

    Try: man chown
    and: man chmod

    at the command prompt.

    James
    -----------------------------
    UseLinux.net
    -----------------------------

    perl -e 'use Math::Complex;$|=1;for$r(0..24){for$c (0..79){$C=cplx(($c/20.0)-3.0,-($r/12.0)+1.0);$Z= cplx(0,0);for($i=0;($i<80)&&(abs($Z)<2.0);$i++){$Z =$Z*$Z+$C;}print$i>=80?"*":" ";}print"\n";}'

  3. #3
    Join Date
    Jun 2005
    Posts
    180
    thanks, i just went ahead and added my user to the groups that i needed to, that gives him write permission where needed, but i still have to chown www-data every time i copy files over to the web directory. Not so bad i guess.

    thanks

  4. #4
    Join Date
    Jul 2001
    Location
    Fife, Scotland
    Posts
    1,794
    Sadly, shifting files over tends to wipe their permissions, but you could try `cp -a` or similar switches to preserve their attributes.

    Glad it works,

    James

  5. #5
    Join Date
    Sep 2005
    Posts
    681
    i am not sure i get your question. just give them correct permissions chmod 770 then add the user to the group that is trying to access those files.
    "Software is like sex: it's better when it's free."
    -LINUS TORVALDS

  6. #6
    Join Date
    Apr 2001
    Location
    SF Bay Area, CA
    Posts
    14,936
    If the files only need to have their group changed to www-data, then you could make the directory set-gid. Let me do some testing here so I'm sure I know how it works...

    OK, this should do it:

    Code:
    $ su
    # cd /tmp
    # mkdir test-dir
    # chgrp video test-dir
    # chmod g+ws test-dir
    # ls -ld test-dir
    drwxrwsr-x 2 root video 4096 Jan  2 19:23 test-dir
    # touch test-dir/root-file
    # ls -l test-dir
    -rw-r--r-- 1 root video 0 Jan  2 19:24 root-file
    # exit
    $ groups
    <blah blah> video <blah blah>
    $ cd /tmp/test-dir
    $ touch user-file
    $ ls -l
    total 0
    -rw-r--r-- 1 root  video 0 Jan  2 19:24 root-file
    -rw-r--r-- 1 bilbo video 0 Jan  2 19:24 user-file
    As you can see, both root and my normal user are able to create and delete files in the directory (root because he owns it and owner has write, me because I'm a member of the owning group and group also has write), and all files that get created are owned by the group that owns the directory (video). Set-gid plus group-write on a directory is an easy way to make group ownership inherit for all new files (and subdirectories, by the way -- subdirectories also inherit the set-gid bit).

    So if you made the directory writable by www-data, and set-gid, then any user that's a member of www-data can create and delete files in there. And the files will also have www-data as their group.

    Sadly I don't think the same will work with set-uid (you can't turn on set-uid on a directory and have all new files take on the directory's owner), so maybe this isn't enough, but it might help.
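
A check for the set-gid setup from post #6, as an added example that is not part of the original thread: it walks a shared directory and reports anything that breaks group inheritance or group editing. The function name `audit_shared_dir` and the message wording are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): audit a shared tree set up with
# set-gid + group-write as in post #6. audit_shared_dir is a hypothetical name.
# Prints one line per problem; returns 0 if clean, 1 if problems, 2 on bad input.
audit_shared_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir"; return 2; }

    # Numeric gid of the top directory (4th field of `ls -ldn`); numeric so it
    # still works where the gid has no name in /etc/group.
    gid=$(ls -ldn "$dir" | awk '{print $4}')

    # 1. Directories missing set-gid or group-write (mode bits 2000 and 0020):
    #    new files there will not inherit the group, or members cannot create them.
    # 2. Entries whose group differs from the top directory's group, e.g. files
    #    moved or copied in with their ownership preserved.
    # 3. Regular files without group-write: members can delete and recreate
    #    them (directory permission) but cannot edit them in place.
    problems=$(
        find "$dir" -type d ! -perm -2020 -exec echo "dir lacks g+ws:" {} \;
        find "$dir" ! -group "$gid" -exec echo "wrong group:" {} \;
        find "$dir" -type f ! -perm -0020 -exec echo "file lacks group write:" {} \;
    )
    [ -z "$problems" ] && return 0
    printf '%s\n' "$problems"
    return 1
}

# Stand-alone use: sh audit.sh /path/to/shared-dir
if [ "$#" -gt 0 ]; then audit_shared_dir "$1"; fi
```

The third check matters for the listing in post #6: files created under a umask of 022 come out as `-rw-r--r--`, so other group members can remove them but not modify them.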
