Date: Tue, 19 Mar 2002 12:54:00 +0000 (GMT) From: jason+freebsd@kanda.com To: Jan Grant <Jan.Grant@bristol.ac.uk> Cc: Richard <guyuan@telpacific.com.au>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: How to disallow a certain user or group to access a directory and all other users will not be affected Message-ID: <20020319124758.W69540-100000@uk2.kanda-systems.net> In-Reply-To: <Pine.GSO.4.44.0203191126480.17702-100000@mail.ilrt.bris.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 19 Mar 2002, Jan Grant wrote: > On Tue, 19 Mar 2002, Richard wrote: > > > I am facing a problem that I only want to block a certain > > user or a group to access a few directories and all other > > users will not be affected. > > > > It does not seem to be a problem in win2000, but I cannot > > implement in FreeBSD or Linux. Is it possible to implement > > in FreeBSD or Linux? > > You need extended ACLs. I believe Linux has them; the TrustedBSD project > is doing the same for FreeBSD (the code's already in current, IIRC). Not quite so, typically you use permissions to grant access, ie. user x can read/write these files, group y can only read these files and everyone else has no access. Permissions can be turned on their head a bit, eg: user x has no access, group y has read only access and everyone else can do anything with them. With thoughtful use of groups, you should be able to emulate some ACL functionality, although it will be fiddlier than with ACLs. Some quick examples: To stop a group accessing a directory/file: chgrp group directory (where group is the group you want to restrict access to, and directory is the directory name) Then chmod 707 directory To stop a user accessing a file or directory: chgrp user directory Then chmod 077 directory (where user is the user you want to restrict access to, and directory is the directory name) Jason > > > -- > jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ > Tel +44(0)117 9287088 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk > Q: What's yellow and equivalent to the axiom of choice? A: Zorn's lemon. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020319124758.W69540-100000>