From owner-freebsd-questions Sat Dec 4 21:59:36 1999 Delivered-To: freebsd-questions@freebsd.org Received: from garcon.qtm.net (qtm.net [206.53.233.50]) by hub.freebsd.org (Postfix) with ESMTP id 38E6D14EE3 for ; Sat, 4 Dec 1999 21:59:27 -0800 (PST) (envelope-from jay@qtm.net) Received: from ENFORCER (enforcer.qtm.net [216.163.32.5]) by garcon.qtm.net (8.9.1/8.9.1) with SMTP id AAA00311 for ; Sun, 5 Dec 1999 00:58:52 -0500 (EST) From: "Network Admin [JPeterson]" To: Subject: User Quotas - and Multiple Groups Date: Sun, 5 Dec 1999 00:58:49 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="KOI8-R" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <74E45CD96094D311B7F900608C71F775A962@gatekeeper.fns.ru> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Alrighty... I've got a few questions so here goes =) Setting up a new server and I want security and quotas to be tighter than they used to be. a) Users should not be able to FTP in and CWD to other users homedirs, the way I found to accomplish this and still allow web access was to put all users in the primary group 'user' and make each users home dir chmod 0705 and owned by [username]:user so that others in the group 'user' had no access but world (i.e. httpd) still could see the subdir of www which is 0755 and [username]:www -- Is this the best way to accomplish what I want or is there another way? b.1) User Quotas, part 1: I have enabled user quotas and know how to set them on a per-user or per-group basis, however the soft-limit does not seem to do anything, I have set a grace period of 3 days, the way I understood it to work on another system I was a customer on, the system would email me when I reached the soft limit. Is this possible? did I miss something in the setup? b.2) User Quotas, part 2: With the quotas enabled we want to set them on a per group basis, however we want everyone to be in the group 'user' per the first question about security, is there another way besides listing every user in the /etc/group file to add them to a second group? i.e. user joey would be in group user and deluxe, group deluxe has a quota of 10meg soft and 12meg hard, but user john would be in group user and value, group value has a soft limit of 8meg and a hard limit of 10.. whereas group staff would be unlimited and group business would have a 100meg limit .. and so on.. Any suggestions on how to do this would be greatly appreciated! c) Directory permissions: We have a web designing firm that authors sites for several companies who host here, currently in order to allow the firm to post pages via FTP I must chown -R the ~customer/www directory to the firm's username, this makes it impossible for the customer to make any changes.. is there any way to add the firm's username or a special group access to these directories? Well I cant think of anything else, I'm sure that something else will come up shortly after I send this though =) Thanks for the help! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message