Re: How a user can execute a file from anothe user
Warning running commands out of an other users home directory is ill advised and should be avoided at all costs. By changing the users home directory permissions you may cause problems as a side effect. For example if the user logs in via ssh and uses a key for authentication it may fail due to the home directory permissions being insure which is a very common side effect of doing this kind of change. On Fri, Sep 27, 2013 at 2:13 AM, Mahmood Naderan nt_mahm...@yahoo.com wrote: Sorry, I just saw the mistake, I forgot to mention that you need to grant access to the your home directory as mentioned by Mark. chmod o+rx /home/mahmood (I added read as the user didn't have permission to access the directory. If the filename is known (no requirement to do a ls on the directory), then execute is sufficient. If you give read, then all the filenames in your directory are revealed (but not necessarily the contents). Yes, thank you. It is now solved and the execute permission was good tip Regards, Mahmood From: John Lauro john.la...@covenanteyes.com To: Earl Ramirez earlarami...@gmail.com Cc: scientific-linux-users@fnal.gov; Mahmood Naderan nt_mahm...@yahoo.com Sent: Friday, September 27, 2013 12:30 AM Subject: Re: How a user can execute a file from anothe user One minor note, Read isn't needed on the directories if the user/script/etc knows the path. If the filename is known (no requirement to do a ls on the directory), then execute is sufficient. If you give read, then all the filenames in your directory are revealed (but not necessarily the contents). - Original Message - From: Earl Ramirez earlarami...@gmail.com To: Mahmood Naderan nt_mahm...@yahoo.com Cc: scientific-linux-users@fnal.gov Sent: Thursday, September 26, 2013 4:43:31 PM Subject: Re: How a user can execute a file from anothe user ... Sorry, I just saw the mistake, I forgot to mention that you need to grant access to the your home directory as mentioned by Mark. chmod o+rx /home/mahmood (I added read as the user didn't have permission to access the directory. You should now be able to execute the script as another user. For your reference: I created a folder named shared in user2 home directory @lab19 ~]# ls -la /home/user2 total 40 drwx---r-x. 5 user2 user2 4096 Sep 26 15:57 . drwxr-xr-x. 5 root root 4096 Sep 26 15:53 .. -rw---. 1 user2 user2 1387 Sep 26 16:27 .bash_history -rw-r-. 1 user2 user218 Feb 21 2013 .bash_logout -rw-r-. 1 user2 user2 176 Feb 21 2013 .bash_profile -rw-r-. 1 user2 user2 124 Feb 21 2013 .bashrc drwxr-x---. 2 user2 user2 4096 Nov 11 2010 .gnome2 drwxr-x---. 4 user2 user2 4096 Dec 20 2012 .mozilla drwxrws---. 2 user2 public 4096 Sep 26 15:57 shared -rw---. 1 user2 user2 641 Sep 26 15:57 .viminfo Created the script and was able to execute it from the user name user1 @lab19 ~]# ls -la /home/user2/shared/ total 12 drwxrws---. 2 user2 public 4096 Sep 26 15:57 . drwx---r-x. 5 user2 user2 4096 Sep 26 15:57 .. -rwxrwx---. 1 user2 public 18 Sep 26 15:57 script1 user1@lab19 ~]$ /home/user2/shared/script1 FilesystemSize Used Avail Use% Mounted on /dev/mapper/vg_lab11-lv_root 5.5G 2.8G 2.5G 54% / tmpfs504M 232K 504M 1% /dev/shm /dev/vda1485M 92M 369M 20% /boot /dev/md1272.0G 100M 1.9G 5% /home/labs -- Kind Regards Earl Ramirez GPG Key: http://trinipino.com/PublicKey.asc
Re: How a user can execute a file from anothe user
On Thu, 2013-09-26 at 11:06 -0700, Mahmood Naderan wrote: Hi I want to grant users to access (read/execute) some files and folders inside my home directory. Using chmod seems to be insufficient. For example I have made an executable file public for all [mahmood@tiger ~]$ chmod 777 test [mahmood@tiger ~]$ ls -l test -rwxrwxrwx. 1 mahmood mahmood 8026 Sep 2 12:18 test However when another user tries to run, it receives permission error [anotherone@tiger ~]$ /home/mahmood/test -bash: /home/mahmood/test: Permission denied You also need to give them permission to access/use your home directory: chmod o+x /home/mahmood And you have given everybody write access to the script. You only need to give read and execute permission: chmod 755 test And don't call a script test! It could lead to confusion with the system command test.
Re: How a user can execute a file from anothe user
chmod o+x /home/mahmood Does that imply they can see all my folders? And don't call a script test! It could lead to confusion with the system command test. Thanks Regards, Mahmood From: Mark Whidby mark.whi...@manchester.ac.uk To: Mahmood Naderan nt_mahm...@yahoo.com Cc: scientific-linux-users@fnal.gov scientific-linux-users@fnal.gov Sent: Thursday, September 26, 2013 9:48 PM Subject: Re: How a user can execute a file from anothe user On Thu, 2013-09-26 at 11:06 -0700, Mahmood Naderan wrote: Hi I want to grant users to access (read/execute) some files and folders inside my home directory. Using chmod seems to be insufficient. For example I have made an executable file public for all [mahmood@tiger ~]$ chmod 777 test [mahmood@tiger ~]$ ls -l test -rwxrwxrwx. 1 mahmood mahmood 8026 Sep 2 12:18 test However when another user tries to run, it receives permission error [anotherone@tiger ~]$ /home/mahmood/test -bash: /home/mahmood/test: Permission denied You also need to give them permission to access/use your home directory: chmod o+x /home/mahmood And you have given everybody write access to the script. You only need to give read and execute permission: chmod 755 test And don't call a script test! It could lead to confusion with the system command test.
Re: How a user can execute a file from anothe user
So I have created a groups and add myself and another user to this group [mahmood@tiger ~]$ groups mahmood sim [anotherone@tiger ~]$ groups anotherone sim [mahmood@tiger ~]$ ls -l drwxrws---. 14 mahmood sim 4096 May 17 14:10 sim-3.0.31 I didn't use chmod -R 2770 /home/mahmood/test Because after running that command, I myself was not able to run the program in my home directory! Still when the user want to run the program inside my home he get permission error [mehdi@tiger ~]$ /home/mahmood/sim-3.0.31/scripts/start-sim -bash: /home/mahmood/sim-3.0.31/scripts/start-sim: Permission denied Regards, Mahmood From: Earl Ramirez earlarami...@gmail.com To: Mahmood Naderan nt_mahm...@yahoo.com Cc: scientific-linux-users@fnal.gov scientific-linux-users@fnal.gov Sent: Thursday, September 26, 2013 10:54 PM Subject: Re: How a user can execute a file from anothe user On Thu, 2013-09-26 at 12:15 -0700, Mahmood Naderan wrote: $ chmod -R 2770 /home/mahmood/test Excuse me how can I revert back this command? $ chmod -R 0770 Or depending on what permission you had prior to the change. Regards, Mahmood __ From: Earl Ramirez earlarami...@gmail.com To: Mahmood Naderan nt_mahm...@yahoo.com Cc: scientific-linux-users@fnal.gov scientific-linux-users@fnal.gov Sent: Thursday, September 26, 2013 10:24 PM Subject: Re: How a user can execute a file from anothe user On Thu, 2013-09-26 at 11:06 -0700, Mahmood Naderan wrote: Hi I want to grant users to access (read/execute) some files and folders inside my home directory. Using chmod seems to be insufficient. For example I have made an executable file public for all [mahmood@tiger ~]$ chmod 777 test [mahmood@tiger ~]$ ls -l test -rwxrwxrwx. 1 mahmood mahmood 8026 Sep 2 12:18 test Are all this taking place on the same system? You can create a group and put all the users in that group, this way they will only have access to that particular directory. Then do the following: $ groupadd pubgrp $ chown -R mahmood.pubgrp /home/mahmood/test $ chmod -R 2770 /home/mahmood/test However when another user tries to run, it receives permission error [anotherone@tiger ~]$ /home/mahmood/test -bash: /home/mahmood/test: Permission denied What is the solution. Regards, Mahmood -- Kind Regards Earl Ramirez GPG Key: http://trinipino.com/PublicKey.asc -- Kind Regards Earl Ramirez GPG Key: http://trinipino.com/PublicKey.asc
Re: How a user can execute a file from anothe user
On Thu, 2013-09-26 at 12:35 -0700, Mahmood Naderan wrote: So I have created a groups and add myself and another user to this group [mahmood@tiger ~]$ groups mahmood sim [anotherone@tiger ~]$ groups anotherone sim [mahmood@tiger ~]$ ls -l drwxrws---. 14 mahmood sim 4096 May 17 14:10 sim-3.0.31 Sorry, I just saw the mistake, I forgot to mention that you need to grant access to the your home directory as mentioned by Mark. chmod o+rx /home/mahmood (I added read as the user didn't have permission to access the directory. You should now be able to execute the script as another user. For your reference: I created a folder named shared in user2 home directory @lab19 ~]# ls -la /home/user2 total 40 drwx---r-x. 5 user2 user2 4096 Sep 26 15:57 . drwxr-xr-x. 5 root root 4096 Sep 26 15:53 .. -rw---. 1 user2 user2 1387 Sep 26 16:27 .bash_history -rw-r-. 1 user2 user218 Feb 21 2013 .bash_logout -rw-r-. 1 user2 user2 176 Feb 21 2013 .bash_profile -rw-r-. 1 user2 user2 124 Feb 21 2013 .bashrc drwxr-x---. 2 user2 user2 4096 Nov 11 2010 .gnome2 drwxr-x---. 4 user2 user2 4096 Dec 20 2012 .mozilla drwxrws---. 2 user2 public 4096 Sep 26 15:57 shared -rw---. 1 user2 user2 641 Sep 26 15:57 .viminfo Created the script and was able to execute it from the user name user1 @lab19 ~]# ls -la /home/user2/shared/ total 12 drwxrws---. 2 user2 public 4096 Sep 26 15:57 . drwx---r-x. 5 user2 user2 4096 Sep 26 15:57 .. -rwxrwx---. 1 user2 public 18 Sep 26 15:57 script1 user1@lab19 ~]$ /home/user2/shared/script1 FilesystemSize Used Avail Use% Mounted on /dev/mapper/vg_lab11-lv_root 5.5G 2.8G 2.5G 54% / tmpfs 504M 232K 504M 1% /dev/shm /dev/vda1 485M 92M 369M 20% /boot /dev/md1272.0G 100M 1.9G 5% /home/labs -- Kind Regards Earl Ramirez GPG Key: http://trinipino.com/PublicKey.asc signature.asc Description: This is a digitally signed message part
Re: How a user can execute a file from anothe user
One minor note, Read isn't needed on the directories if the user/script/etc knows the path. If the filename is known (no requirement to do a ls on the directory), then execute is sufficient. If you give read, then all the filenames in your directory are revealed (but not necessarily the contents). - Original Message - From: Earl Ramirez earlarami...@gmail.com To: Mahmood Naderan nt_mahm...@yahoo.com Cc: scientific-linux-users@fnal.gov Sent: Thursday, September 26, 2013 4:43:31 PM Subject: Re: How a user can execute a file from anothe user ... Sorry, I just saw the mistake, I forgot to mention that you need to grant access to the your home directory as mentioned by Mark. chmod o+rx /home/mahmood (I added read as the user didn't have permission to access the directory. You should now be able to execute the script as another user. For your reference: I created a folder named shared in user2 home directory @lab19 ~]# ls -la /home/user2 total 40 drwx---r-x. 5 user2 user2 4096 Sep 26 15:57 . drwxr-xr-x. 5 root root 4096 Sep 26 15:53 .. -rw---. 1 user2 user2 1387 Sep 26 16:27 .bash_history -rw-r-. 1 user2 user218 Feb 21 2013 .bash_logout -rw-r-. 1 user2 user2 176 Feb 21 2013 .bash_profile -rw-r-. 1 user2 user2 124 Feb 21 2013 .bashrc drwxr-x---. 2 user2 user2 4096 Nov 11 2010 .gnome2 drwxr-x---. 4 user2 user2 4096 Dec 20 2012 .mozilla drwxrws---. 2 user2 public 4096 Sep 26 15:57 shared -rw---. 1 user2 user2 641 Sep 26 15:57 .viminfo Created the script and was able to execute it from the user name user1 @lab19 ~]# ls -la /home/user2/shared/ total 12 drwxrws---. 2 user2 public 4096 Sep 26 15:57 . drwx---r-x. 5 user2 user2 4096 Sep 26 15:57 .. -rwxrwx---. 1 user2 public 18 Sep 26 15:57 script1 user1@lab19 ~]$ /home/user2/shared/script1 FilesystemSize Used Avail Use% Mounted on /dev/mapper/vg_lab11-lv_root 5.5G 2.8G 2.5G 54% / tmpfs 504M 232K 504M 1% /dev/shm /dev/vda1 485M 92M 369M 20% /boot /dev/md1272.0G 100M 1.9G 5% /home/labs -- Kind Regards Earl Ramirez GPG Key: http://trinipino.com/PublicKey.asc
