From owner-freebsd-questions  Tue Mar 19  3:40:35 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from gurudom.ramax.com (h24-68-240-50.cg.shawcable.net [24.68.240.50])
	by hub.freebsd.org (Postfix) with SMTP id C6DE037B402
	for <freebsd-questions@freebsd.org>; Tue, 19 Mar 2002 03:40:29 -0800 (PST)
Received: (qmail 6201 invoked from network); 19 Mar 2002 11:40:29 -0000
Received: from unknown (HELO bismark.io.sys.ramax.com) (10.0.0.1)
  by netopia.io.sys with SMTP; 19 Mar 2002 11:40:29 -0000
To: Richard <guyuan@telpacific.com.au>
Cc: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@freebsd.org>
Subject: Re: How to disallow a certain user or group to access a directory and all other users will not be affected
References: <200203191104.g2JB4VH56561@sydmail3.telpacific.com.au>
From: Alex Rodioukov <simuran@shaw.ca>
Date: 19 Mar 2002 04:40:29 -0700
In-Reply-To: <200203191104.g2JB4VH56561@sydmail3.telpacific.com.au>
Message-ID: <87y9goss42.fsf@bismark.io.sys>
Lines: 24
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Richard <guyuan@telpacific.com.au> writes:

> I am facing a problem that I only want to block a certain
> user or a group to access a few directories and all other
> users will not be affected.
> 
> It does not seem to be a problem in win2000, but I cannot
> implement in FreeBSD or Linux. Is it possible to implement
> in FreeBSD or Linux?

You'll need to create a group that will contain all the users that
should not have access to restricted directories. Then you'll need to
change the group id for that directories to the group you've
created. After you'll revoke all the permissions from the group - that
group will have no access. Like such:

# chgrp restricted dir1 dir2 dir3
# chmod g-rwx dir1 dir2 dir3

After this is done the users that belong to the "restricted" group
will have no access to dir1, dir2 etc... 

Regards,
  Alex.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message