Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

User access rights/privelages in linux

 
S Santhosh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
am a new ubuntu user and in my attempt to create new users, i figured i cannot control the access given to users. I am the root or 1st user.

Is there a way in linux/unix to control access given to user groups like KIDS/Guest etc.

Ubuntu has a UI for "users and groups" but isnt detailed enought.

Thanks,
San
 
Lewin Chan
Ranch Hand
Posts: 214
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, simply put Unix has 3 access privileges, Owner, Group, Other. You can apply various rights for these 3 types using the chmod and chown command. You can find documentation on that on the web, perhaps the ubuntu website would be a good place to start (or you could try man chmod from a terminal window.

The easiest way to see this is to open a terminal window and do ls -l in a directory with files in.



Basically the rights you see are the 1st column, the first char indicates any special bits the file has (in this case "fred" is a directory)
then it's 3 characters indicating the privileges from each access class "Read", "Write", "eXecute". For the sake of simplicity, the execute flag simply indicates if the file can be run as a program or not (this isn't strictly true, that will become apparent once you start reading documentation).

The 3rd and 4th column are the owner's id and the group id respectively (in this case lchan / users).

Taking the above listing as an example :-
"lchan" can read/modify and execute the various tomcat-xxx scripts.
users who are members of the group "users" may read and execute the tomcat-xxx scripts.
other users do not have any access to these files at all.

Now, that doesn't answer your question. What type of access to you want to control. Access to the machine?, access to various files on the machine?
[ October 03, 2006: Message edited by: Lewin Chan ]
 
S Santhosh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Lewin,

I was trying to make an user account which has access only to web browser and destop, nothing else.

Do you happen to know what files control these....
 
Stefan Wagner
Ranch Hand
Posts: 1923
Linux Postgres Database Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I never did this, but this sounds like a kiosk mode - perhaps a useful expression to feed google.
 
S Santhosh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Lewin, Stefan.

I did find some links for firefox kiosk mode...digging more it those.

Thanks for the help,
San
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic