Date: Sun, 5 Dec 1999 00:58:49 -0500 From: "Network Admin [JPeterson]" <jay@qtm.net> To: <freebsd-questions@FreeBSD.ORG> Subject: User Quotas - and Multiple Groups Message-ID: <PCEIIOODPEIJJFAGCCEFAEJNCBAA.jay@qtm.net> In-Reply-To: <74E45CD96094D311B7F900608C71F775A962@gatekeeper.fns.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Alrighty... I've got a few questions so here goes =) Setting up a new server and I want security and quotas to be tighter than they used to be. a) Users should not be able to FTP in and CWD to other users homedirs, the way I found to accomplish this and still allow web access was to put all users in the primary group 'user' and make each users home dir chmod 0705 and owned by [username]:user so that others in the group 'user' had no access but world (i.e. httpd) still could see the subdir of www which is 0755 and [username]:www -- Is this the best way to accomplish what I want or is there another way? b.1) User Quotas, part 1: I have enabled user quotas and know how to set them on a per-user or per-group basis, however the soft-limit does not seem to do anything, I have set a grace period of 3 days, the way I understood it to work on another system I was a customer on, the system would email me when I reached the soft limit. Is this possible? did I miss something in the setup? b.2) User Quotas, part 2: With the quotas enabled we want to set them on a per group basis, however we want everyone to be in the group 'user' per the first question about security, is there another way besides listing every user in the /etc/group file to add them to a second group? i.e. user joey would be in group user and deluxe, group deluxe has a quota of 10meg soft and 12meg hard, but user john would be in group user and value, group value has a soft limit of 8meg and a hard limit of 10.. whereas group staff would be unlimited and group business would have a 100meg limit .. and so on.. Any suggestions on how to do this would be greatly appreciated! c) Directory permissions: We have a web designing firm that authors sites for several companies who host here, currently in order to allow the firm to post pages via FTP I must chown -R the ~customer/www directory to the firm's username, this makes it impossible for the customer to make any changes.. is there any way to add the firm's username or a special group access to these directories? Well I cant think of anything else, I'm sure that something else will come up shortly after I send this though =) Thanks for the help! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?PCEIIOODPEIJJFAGCCEFAEJNCBAA.jay>