Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

User access rights/privelages in linux

 
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
am a new ubuntu user and in my attempt to create new users, i figured i cannot control the access given to users. I am the root or 1st user.

Is there a way in linux/unix to control access given to user groups like KIDS/Guest etc.

Ubuntu has a UI for "users and groups" but isnt detailed enought.

Thanks,
San
 
Ranch Hand
Posts: 214
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well, simply put Unix has 3 access privileges, Owner, Group, Other. You can apply various rights for these 3 types using the chmod and chown command. You can find documentation on that on the web, perhaps the ubuntu website would be a good place to start (or you could try man chmod from a terminal window.

The easiest way to see this is to open a terminal window and do ls -l in a directory with files in.



Basically the rights you see are the 1st column, the first char indicates any special bits the file has (in this case "fred" is a directory)
then it's 3 characters indicating the privileges from each access class "Read", "Write", "eXecute". For the sake of simplicity, the execute flag simply indicates if the file can be run as a program or not (this isn't strictly true, that will become apparent once you start reading documentation).

The 3rd and 4th column are the owner's id and the group id respectively (in this case lchan / users).

Taking the above listing as an example :-
"lchan" can read/modify and execute the various tomcat-xxx scripts.
users who are members of the group "users" may read and execute the tomcat-xxx scripts.
other users do not have any access to these files at all.

Now, that doesn't answer your question. What type of access to you want to control. Access to the machine?, access to various files on the machine?
[ October 03, 2006: Message edited by: Lewin Chan ]
 
S Santhosh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Lewin,

I was trying to make an user account which has access only to web browser and destop, nothing else.

Do you happen to know what files control these....
 
Ranch Hand
Posts: 1923
Scala Postgres Database Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I never did this, but this sounds like a kiosk mode - perhaps a useful expression to feed google.
 
S Santhosh
Ranch Hand
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Lewin, Stefan.

I did find some links for firefox kiosk mode...digging more it those.

Thanks for the help,
San
 
reply
    Bookmark Topic Watch Topic
  • New Topic