File permissions for shared home directories?
anothermindbomb at gmail.com
Mon Dec 24 13:14:08 UTC 2012
On 24 December 2012 12:49, Jef Driesen <jefdriesen at hotmail.com> wrote:
> I have a NAS server with two unix accounts, named "me" and "wife". Each
> account has its own home directory, which are exported over NFS. So far no
> But I also have a common laptop which only has a single unix account which
> is shared between the two persons. If I give the laptop user the same
> UID/GID as the "me" account on the NAS, I can access my personal files. But
> how do I make sure I can also access the files from the "wife" account?
Groups. Add me and wife to a group (us) on the fileserver and perform
a chgrp to "us" on all of the files/directories which you want to be
accessible from both. Make the ownership on these files rwxrwx--- (or
whatever suits you best - important bit is the middle "rwx" or the
middle number if you're setting permissions via octal, which would be
770 for this example).
> I'm looking for a solution that is reasonable secure. It's fine if the "me"
> and "wife" account can access each others file, but other accounts should
> not have access.
Ensure the others permisisions bits are set to ---, or 0 in octal.
That'll stop other users. Don't put any other users in the "us" group.
You can have much finer control on this kind of thing by using ACL's,
but it's a little more fiddly to set up. For a quick and dirty, groups
should work fine.
When one person suffers from a delusion it is insanity. When many
people suffer from a delusion it is called religion.
More information about the ubuntu-users