File Sharing using Groups

I want to allow users in the same group to read each other's files, but not allow other users not in that group to read said files.

The appropriate permission would be 750 on the user's home directory, from what I understand.

However, when I set the permission 750 on the user's home directory:

Code:
chmod -R 750 /usr/home/user1

Other users in the same group may no longer access that user's home directory.

These users were not created under this group initially; I added them to it later (as secondary groups). The primary group was the user's username (default when running the 'adduser' command).

The only time that I've been able to get this to work as I want is to create the users with the "Login group" set to that group (when running the 'adduser' cmd). This is a big problem; I don't want to have to re-create users when I want to change their group.

I tried modifying /etc/group and /etc/passwd. This is the strange part. In passwd, one user that I created had a primary group id (GID) of 1002. I changed the line for that user:

Code:
user:*:1002:1004:name:path_to_shell

Trying to add that user to group with ID 1004. After saving passwd, I run:

Code:
#id user
uid=1002(user) gid=1002(user) groups=1002(user)

In other words, it doesn't seem that the user has been modified at all. That user still cannot access other people's directories with 750 as their perms.

Even stranger: after running

Code:
chown -R user path_to_user_home_dir

I get this:

Code:
#ls -al /usr/home
total 20
drwxr-xr-x   9 root        wheel        512 Oct 10 14:44 .
drwxr-xr-x  17 root        wheel        512 Oct  4 15:53 ..
drwxr-x---  18 user        1002        3584 Oct  7 17:05 user
.
.
.

Now, I did remove that user's line in /etc/group. Before I did that, rather than see "1002" in the output of 'ls', I saw the original name 'user' (created by default by 'adduser').

Why is there still a reference to 1002? I want it to point to 1004!

I also ran

Code:
#pw usermod user -g group

which appeared to do what I wanted (output of 'id' then indicated that the user was in group 1004), but after running chown again, the output of ls STILL indicated that the group was 1002.

All I want to do is make things so that users in the same group can access each other's files, but other users cannot. I don't want to have to create new users every time I have a user switch groups, either.

Here is the output of 'uname -a':

# uname -a
FreeBSD XXX 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:55:53 UTC 2010 root@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
 
To change group ownership you run either
Code:
chown -R user:group /path
or
Code:
chgrp -R group /path

To give other users access, you add their uid to the appropriate group in /etc/groups.
Users have to log out/in to pick up new credentials.
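
The check behind the symptoms in this thread, as an added example that is not part of either post: it models the classic UNIX owner/group/other test over passwd- and group-format sample data and shows why a 750 directory stays closed to a group member until the directory's own group is changed. The accounts, GIDs and the group name projgrp are constructed; ACLs and root are ignored.

```shell
#!/bin/sh
# Added example: constructed accounts in passwd(5) / group(5) format.
SAMPLE=$(mktemp -d)
cat > "$SAMPLE/passwd" <<'EOF'
user1:*:1001:1001:User One:/usr/home/user1:/bin/sh
user2:*:1002:1002:User Two:/usr/home/user2:/bin/sh
user3:*:1003:1003:User Three:/usr/home/user3:/bin/sh
EOF
cat > "$SAMPLE/group" <<'EOF'
user1:*:1001:
user2:*:1002:
user3:*:1003:
projgrp:*:1004:user1,user2
EOF

# Print every GID a user holds: the primary GID (passwd field 4) plus the
# GID of each group line whose member list (field 4) names the user.
gids_of() {  # gids_of USER
    awk -F: -v u="$1" '
        FNR == NR { if ($1 == u) print $4; next }
        { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) print $3 }
    ' "$SAMPLE/passwd" "$SAMPLE/group" | sort -u
}

# Succeed if USER can list and enter a directory with this OWNER, numeric
# group id and octal MODE. Exactly one permission class applies:
# owner if the names match, else group if the user holds DIR_GID, else other.
can_browse() {  # can_browse USER OWNER DIR_GID MODE
    bits=$(( 0$4 ))
    if [ "$1" = "$2" ]; then class=$(( (bits >> 6) & 7 ))
    elif gids_of "$1" | grep -qx "$3"; then class=$(( (bits >> 3) & 7 ))
    else class=$(( bits & 7 ))
    fi
    [ $(( class & 5 )) -eq 5 ]   # read (4) and search (1) are both needed
}

report() {  # report LABEL USER OWNER DIR_GID MODE
    if can_browse "$2" "$3" "$4" "$5"; then echo "$1: $2 allowed"
    else echo "$1: $2 denied"; fi
}

# chown -R user1 sets only the owner, so the directory group is still 1001.
report "dir group 1001, mode 750" user2 user1 1001 750
# After chgrp -R projgrp the directory group is 1004, which user2 holds.
report "dir group 1004, mode 750" user2 user1 1004 750
# user3 is not a member of projgrp and falls into the "other" class.
report "dir group 1004, mode 750" user3 user1 1004 750
```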
 