Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 5 Dec 1999 00:58:49 -0500
From:      "Network Admin [JPeterson]" <jay@qtm.net>
To:        <freebsd-questions@FreeBSD.ORG>
Subject:   User Quotas - and Multiple Groups
Message-ID:  <PCEIIOODPEIJJFAGCCEFAEJNCBAA.jay@qtm.net>
In-Reply-To: <74E45CD96094D311B7F900608C71F775A962@gatekeeper.fns.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
Alrighty... I've got a few questions so here goes =)

Setting up a new server and I want security and quotas to be tighter than
they used to be.

a) Users should not be able to FTP in and CWD to other users homedirs, the
way I found to accomplish this and still allow web access was to put all
users in the primary group 'user' and make each users home dir chmod 0705
and owned by [username]:user so that others in the group 'user' had no
access but world (i.e. httpd) still could see the subdir of www which is
0755 and [username]:www -- Is this the best way to accomplish what I want or
is there another way?

b.1) User Quotas, part 1:
I have enabled user quotas and know how to set them on a per-user or
per-group basis, however the soft-limit does not seem to do anything, I have
set a grace period of 3 days, the way I understood it to work on another
system I was a customer on, the system would email me when I reached the
soft limit.  Is this possible? did I miss something in the setup?

b.2) User Quotas, part 2:
With the quotas enabled we want to set them on a per group basis, however we
want everyone to be in the group 'user' per the first question about
security, is there another way besides listing every user in the /etc/group
file to add them to a second group? i.e. user joey would be in group user
and deluxe, group deluxe has a quota of 10meg soft and 12meg hard, but user
john would be in group user and value, group value has a soft limit of 8meg
and a hard limit of 10.. whereas group staff would be unlimited and group
business would have a 100meg limit .. and so on.. Any suggestions on how to
do this would be greatly appreciated!

c) Directory permissions:
We have a web designing firm that authors sites for several companies who
host here, currently in order to allow the firm to post pages via FTP I must
chown -R the ~customer/www directory to the firm's username, this makes it
impossible for the customer to make any changes.. is there any way to add
the firm's username or a special group access to these directories?

Well I cant think of anything else, I'm sure that something else will come
up shortly after I send this though =)

Thanks for the help!



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?PCEIIOODPEIJJFAGCCEFAEJNCBAA.jay>