su question

Linda haniganwork at earthlink.net
Wed Oct 1 03:52:48 UTC 2008 

Erik Christiansen wrote:
> On Mon, Sep 29, 2008 at 05:04:34PM -0500, Linda wrote:
>   
>> Johnny Rosenberg wrote:
>>     
>>> 2008/9/29 Linda <haniganwork at earthlink.net 
>>> <mailto:haniganwork at earthlink.net>>
>>>
>>>     I have several timeshare employees that I would like to have share the
>>>     same email account but not the same login. I thought I had a solution
>>>     figured out by moving the thunderbird-profile to a directory they
>>>     could
>>>     all access. However thunderbird ignores umask and on closing sets the
>>>     inbox as user rw no group permissions.
>>>     I thought I would solve my problem with thunderbird resetting the
>>>     inbox
>>>     permissions different than umask by having my different users
>>>     access the
>>>     same thuderbird profile using su. I could just create a user for the
>>>     thunderbird account set it up the way I wanted unfortunately it
>>>     does not
>>>     work.
>>>     If I type su username -c thunderbird
>>>
>>> Well, as far as I know, su doesn't work in Ubuntu. There is no root 
>>> password anyway, so whatever password you enter, it's wrong… Or maybe 
>>> it just doesn't work for me…
>>> Have you tried "sudo su" instead of just "su"? Then you just enter 
>>> your own password when asked.
>>>
>>>
>>>       
>> Actually I have su installed so I can change to be a different user, the 
>> advantage here is you have to know the users password to do it. I do not 
>> want to give them adminstrative permissions
>>     
>
> The suggested mail alias seems a simple way to reach all the group
> members, but how does timeshare employee D know whether to action all
> or any of the inbox contents, if A,B,C have been active (on replicate
> inboxes)? Collaboration seems minimal.
>
> If that thunderbird thing is still in the game plan, then have you tried
> putting the files in question into a common directory, with the sgid bit
> set? (chmod g+s,+t,u+rwx,g+rwx some_dir # might be best) That should
> generally override a user's application's umask vagaries, i.e. "When
> SGID is set on a directory, newly created files will inherit the gid of
> the directory, not that of the user creating the file." (Setting the
> sticky bit (+t) will improve protection of individual users' exclusively
> owned files in a shared directory.
>
> The other problem (from the OP):
>
>   
>> (thunderbird-bin:9606): Gtk-WARNING **: cannot open display: :0.0
>>     
>
> will be confirmed if you get this:
>
> $ xhost
> access control enabled, only authorized clients can connect
>
> If so, try:
>
> $ xhost +
> access control disabled, clients can connect from any host
>
> Then the "cannot open display: :0.0" should go away.
> There is a security penalty to doing this permanently. Others on your
> network (hopefully behind one or two firewalls) will now be able to
> throw things onto that X session.
>
> But none of that is necessary if the sgid directory allows the
> individual users to collaborate without any need to su. I've used that
> method for some decades, managing varied group access to different parts
> of project directory hierarchies.
>
> Hope that works for you too.
>
> Erik
>
>   
Erik
  Thank you so much for this information. I think I'll give the IMAP 
server a try, but these are helpful things to know and if I give up on 
the IMAP I'll give this a try. I'm having trouble getting my mind around 
it. It reminds me of moving from dumb terminals to ethernet, it took me 
a while to shift my thinking to the new paradigm.
                               Linda

More information about the ubuntu-users mailing list