wrote:
>
> On Wed, Mar 07, 2018 at 11:54:06AM -, Dan Purgert wrote:
>
> [...]
>
>> Think of it as being somewhat like a parking lot / garage with a gate at the
>> entrance.
>
> Uh-oh. A car analogy :)
>
>> You enter the lot / garage, get your ticket, and are admitted in. Now
>> you're free to
On Wed, Mar 07, 2018 at 12:42:19PM +0100, epsilon...@tutanota.com wrote:
> OK thanks for the explanations.
> To make sure:
> 1.) To prevent this scenario, I have to do recursive chown and chmod.
No, to prevent this scenario, use the correct owner and permissions in
the first place instead of setti
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 01:11:52PM +0100, epsilon...@tutanota.com wrote:
> Tomas and Dan, thanks for the explanations. So if the process have already a
> handle (file descriptor) to apple, it can continue using it, even when I
> chmod 700 one of its
Hi,
epsilon...@tutanota.com wrote:
> So what you say is this: if there is an open terminal before chmod 700, then
> I can use that terminal to access "apple", but after I close terminal B,
> there is no way to access that apple directory? Neither with a shall window,
> nor with another software?
Tomas and Dan, thanks for the explanations. So if the process have already a
handle (file descriptor) to apple, it can continue using it, even when I chmod
700 one of its parents. On the other hand, any new process trying to get a
handle to apple MUST traverse the directory tree. This is what I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 11:54:06AM -, Dan Purgert wrote:
[...]
> Think of it as being somewhat like a parking lot / garage with a gate at the
> entrance.
Uh-oh. A car analogy :)
> You enter the lot / garage, get your ticket, and are admitted in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 12:42:19PM +0100, epsilon...@tutanota.com wrote:
> OK thanks for the explanations.
> To make sure:
> 1.) To prevent this scenario, I have to do recursive chown and chmod.
I don't quite understand what you mean by "scenario": th
wrote:
> Sorry, it is very counter intuitive to me.
> So what you say is this: if there is an open terminal before chmod
> 700, then I can use that terminal to access "apple", but after I close
> terminal B, there is no way to access that apple directory? Neither
> with a shall window, nor with an
OK thanks for the explanations.
To make sure:
1.) To prevent this scenario, I have to do recursive chown and chmod.
2.) If I chmod only /opt/experiment, there is absolutely no other way to access
apple, other than an already open terminal.
Correct?
7. Mar 2018 14:34 by to...@tuxteam.de:
> -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 12:19:06PM +0100, epsilon...@tutanota.com wrote:
> Addition to previous email:
> Example:
> In terminal B I can still modify a files as follows:
> touch aaa
> echo "123" > aaa
> But when I do,
> vi aaa
> even in the same termina
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 12:14:10PM +0100, epsilon...@tutanota.com wrote:
> Sorry, it is very counter intuitive to me.
> So what you say is this: if there is an open terminal before chmod 700,
> then I can use that terminal to access "apple", but after
Addition to previous email:
Example:
In terminal B I can still modify a files as follows:
touch aaa
echo "123" > aaa
But when I do,
vi aaa
even in the same terminal, vi can't access the file aaa.
7. Mar 2018 14:14 by epsilon...@tutanota.com:
> Sorry, it is very counter intuitive to me.
> So
Sorry, it is very counter intuitive to me.
So what you say is this: if there is an open terminal before chmod 700, then I
can use that terminal to access "apple", but after I close terminal B, there is
no way to access that apple directory? Neither with a shall window, nor with
another software?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 11:54:43AM +0100, epsilon...@tutanota.com wrote:
> 7. Mar 2018 11:27 by to...@tuxteam.de:
>
> > I can't reproduce, either. Once the chown to root happens, non-root
> > user can't touch files in directory. Ext4.
>
> I double ch
7. Mar 2018 11:27 by to...@tuxteam.de:
> I can't reproduce, either. Once the chown to root happens, non-root
> user can't touch files in directory. Ext4.
I double checked. Sorry the previous example was not good. To reproduce the
issue, you have to create another directory inside the top one.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 07, 2018 at 02:46:05PM +1300, Ben Caradoc-Davies wrote:
> On 07/03/18 13:56, epsilon...@tutanota.com wrote:
> >On terminal A,
> >chown root:root /opt/experiment/
> >chmod 700 /opt/experiment
> >On terminal B,
> >whoami #aristo
> >touch bbb
On 07/03/18 13:56, epsilon...@tutanota.com wrote:
> Do you have any network filesystems involved in this test?
No network fs.
It is a local LUKS encrypted disk with ext4 filesystem.
Kernel is latest.
Debian 9.3
On 07/03/18 13:56, epsilon...@tutanota.com wrote:
On terminal A,
chown root:root /opt/experiment/
chmod 700 /opt/experiment
On terminal B,
whoami #aristo
touch bbb
# OK bbb is created in /opt/experiment/
cd /opt/experiment/
# Gives permission denied
ls -la
# Gives correct listing
pwd
# Gives /opt
For example, on terminal window A,
su
whoami # root
mkdir /opt/experiment/
chown aristo:aristo /opt/experiment/
Now on another terminal window, B,
su aristo
whoami # aristo
cd /opt/experiment/
touch aaa
# OK aaa is created
On terminal A,
chown root:root /opt/experiment/
chmod 700 /opt/experime
On Sat, 08 Nov 2014, John Conover wrote:
> and look at the ownership of the cups directory and compare it to the
> ownership in /etc.
In this example, you're not archiving etc/cups or etc, you're just
archiving etc/cups/printers.conf, which means that tar must create
etc/cups itself, and has no re
Don Armstrong writes:
> On Sat, 08 Nov 2014, John Conover wrote:
> > That's true, Don, but the issue is the ownership of the DIRECTORIES
> > when installing, a directory TREE in a non root temporary directory.
> > The file ownerships are, indeed, correct. The ownerships of the
> > directories down
On Sat, 08 Nov 2014, John Conover wrote:
> That's true, Don, but the issue is the ownership of the DIRECTORIES
> when installing, a directory TREE in a non root temporary directory.
> The file ownerships are, indeed, correct. The ownerships of the
> directories down to the files are always root/roo
Don Armstrong writes:
> On Sat, 08 Nov 2014, John Conover wrote:
> > There has been changes in the way a tar(1) restore to a temporary
> > directory constructs directory ownerships; as login theuser, in
> > ${HOME}:
>
> This looks like you're using tar --no-same-owner, possibly via an ENV
> variab
On Sat, 08 Nov 2014, John Conover wrote:
> There has been changes in the way a tar(1) restore to a temporary
> directory constructs directory ownerships; as login theuser, in
> ${HOME}:
This looks like you're using tar --no-same-owner, possibly via an ENV
variable or something else.
% fakeroot ba
There has been changes in the way a tar(1) restore to a temporary
directory constructs directory ownerships; as login theuser, in
${HOME}:
mkdir xxx xxx/yyy; touch xxx/yyy/zzz
su
Password:
# cd /
# tar cvf home/theuser/aaa.tar home/theuser/xxx
home/theuser/xxx/
home/theuser/xxx/yyy/
home/th
Ben Bettin wrote:
I'm running Sarge and have two 250 gb drives. One has my system
installed on it, the other is mounted as /backup. I intended to use
/backup to...well...back things up :)
How do I grant certain users access to /backup? Right now it's only
accessible to the root user. I've read
Ben Bettin wrote:
I'm running Sarge and have two 250 gb drives. One has my system
installed on it, the other is mounted as /backup. I intended to use
/backup to...well...back things up :)
How do I grant certain users access to /backup? Right now it's only
accessible to the root user. I've read
Hello
Ben Bettin (<[EMAIL PROTECTED]>) wrote:
> I'm running Sarge and have two 250 gb drives. One has my system
> installed on it, the other is mounted as /backup. I intended to use
> /backup to...well...back things up :)
>
> How do I grant certain users access to /backup? Right now it's only
I'm running Sarge and have two 250 gb drives. One has my system
installed on it, the other is mounted as /backup. I intended to use
/backup to...well...back things up :)
How do I grant certain users access to /backup? Right now it's only
accessible to the root user. I've read through a few man
On (06/11/03 14:39), [EMAIL PROTECTED] wrote:
> Eric,
>
> > /foo - Only folks in the 'users' group can read, write and delete
> > files/dirs.
>
> The permissions of directory foo do not influence whether someone can
> open a given file in it for reading or writing, only whether he can
>
Eric,
> /foo - Only folks in the 'users' group can read, write and delete
> files/dirs.
The permissions of directory foo do not influence whether someone can
open a given file in it for reading or writing, only whether he can
delete, create, or rename a file. Read permission for the dir
Hi All,
I'm trying to set up some restrictions to a couple of directories and
their files and just can't seem to get it right. Here's what I'm
trying to do:
/foo - Only folks in the 'users' group can read, write and delete
files/dirs.
/bar - Only folks in the 'admin' group can read, writ
On Sun, 2 Nov 2003, David Christensen wrote:
> [EMAIL PROTECTED] & [EMAIL PROTECTED]:
>
> I am running Apache 1.3.26 on Debian 3.0r1 (Woody). I would like to
> enable user ~/public_html directories, but have two security goals which
> I cannot solve simultaneously:
>
> 1. Apache should run as t
cript). However,
the default Debian home directory permissions are 755, failing goal #2.
When I change my home directory permissions to 700 to meet goal #2,
Apache fails with "Forbidden You don't have permission to access
/~dpchrist/ on this server. Apache/1.3.26 Server at 192.168.2
also sprach Haralambos Geortgilakis <[EMAIL PROTECTED]> [2002.11.19.1022 +0100]:
> haralambos@haralambos:~$ ld -ld / /Hellene
ls I meant sorry..
--
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' :proud Debian developer, admin, and user
`. `'`
`- Debian - when you have better things
Yo Madduck,
luv that handle! Donald Duck is one of my favz @ Disney!
Now, where was I? Debian Tux
haralambos@haralambos:~$ ld -ld / /Hellene
ld: cannot find -ld
haralambos@haralambos:~$ su
Password:
haralambos:/home/haralambos# ld -ld / /Hellene
ld: cannot find -ld
haralambos:/home/harala
On Mon, Nov 18, 2002 at 12:51:05PM -0500, sean finney wrote:
> that brings up a question i've been wondering: is the FHS merely a
> guideline that debian packages follow, or is it something that debian
> users are also strongly recommended to follow as well?
Debian users can do what they like, al
On Mon, Nov 18, 2002 at 12:51:05PM -0500, sean finney wrote:
> that brings up a question i've been wondering: is the FHS merely a
> guideline that debian packages follow, or is it something that debian
> users are also strongly recommended to follow as well? granted i might
> be a hypocrite for n
On Mon, Nov 18, 2002 at 04:51:15PM +0100, martin f krafft wrote:
> /windows? that's a direct violation of the FHS. just being picky as
> you were.
does it? i didn't think it did since the reason listed in the fhs for
not putting more stuff in / is to keep it small and thus less likely
to corrupt
> of time, i'd put it somewhere like /windows or /usr/local/win or
> something.
/windows? that's a direct violation of the FHS. just being picky as
you were.
--
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' :proud Debian developer, admin, and user
`. `'`
`- Debian - when you have
hiya,
On Mon, Nov 18, 2002 at 12:41:42PM +0200, [EMAIL PROTECTED] wrote:
>/dev/hda1 /mnt/win1 vfatdefaults,ro,user,noauto 0 0
not to be picky, but just to point it out, having sub-directories in
/mnt is non-standard (well, to most linuces/unices, redhat seems to
have oth
also sprach Haralambos Geortgilakis <[EMAIL PROTECTED]> [2002.11.18.1219 +0100]:
>
> haralambos:/Hellene# cd Stuff
> haralambos:/Hellene/Stuff# ls -ld
> drwxr-xr-x 38 root root24576 Aug 12 21:09 .
> haralambos:/Hellene/Stuff#
>
so /Hellene is a VFAT partition? can you give me
*
Hi Yall & Martin,
here is a wee screen dump
haralambos:/Hellene# cd Stuff
haralambos:/Hellene/Stuff# ls -ld
drwxr-xr-x 38 root root24576 Aug 12 21:09 .
haralambos:/Hellene/Stuff#
Must crash-it is late on this side of the planet. :-)
*BFN*
H :-)
Seen in a watch shop: PL
On Mon, Nov 18, 2002 at 11:10:36PM +1300, Haralambos Geortgilakis wrote:
>
> So, I have a directory, on a Win-FAT-32 partition, with various
> sub-directories & I wanna access then as a plain user.
>
> Um, like what is the syntax dude/dudette?
Hello
I would first make some changes to /etc/fst
also sprach Haralambos Geortgilakis <[EMAIL PROTECTED]> [2002.11.18.1110 +0100]:
> So, I have a directory, on a Win-FAT-32 partition, with various
> sub-directories & I wanna access then as a plain user.
show me the `ls -ld ` on that directory.
--
.''`. martin f. krafft <[EMAIL PROTECTED]>
Hi yall,
sometimes I read the howto's & they make sense & sometimes they don't
Well, I tried to change them in the KDE file manager & Midnight
Commander (God I love MC!), as root & it said I could not; insufficient
permission! Hmmm.
So, I have a directory, on a Win-FAT-32 partition, with
Xeno Campanoli wrote:
> Actually, I think you just change the permissions in the file
Sorry! I meant in the directory /etc/skel! Bleh!
> /etc/skel. I'm not sure though, so let us all know if that works.
> There may be a umask thing you'll want to change too.
--
http://www.eskimo.com/~xeno
[E
On Tue, Mar 05, 2002 at 11:20:10AM -0800, Xeno Campanoli wrote:
> Gary Hennigan wrote:
> > "Charlie Grosvenor" <[EMAIL PROTECTED]> writes:
> > > I have just used the command adduser to add some users to my system. I
> > > have noticed that each user added has read rights to other users home
> >
On Tue, Mar 05, 2002 at 11:11:55AM -0700, Gary Hennigan wrote:
> "Charlie Grosvenor" <[EMAIL PROTECTED]> writes:
> > I have just used the command adduser to add some users to my system. I
> > have noticed that each user added has read rights to other users home
> > directory. Why is this? how c
Gary Hennigan wrote:
>
> "Charlie Grosvenor" <[EMAIL PROTECTED]> writes:
> > I have just used the command adduser to add some users to my system. I
> > have noticed that each user added has read rights to other users home
> > directory. Why is this? how can i stop adduser from creating home
>
Hello Charlie,
dpkg-reconfigure adduser
It asks you, if you want this behaviour or not.
Daniel
Charlie Grosvenor wrote:
Hi
I have just used the command adduser to add some users to my system. I
have noticed that each user added has read rights to other users home
directory. Why is this? h
"Charlie Grosvenor" <[EMAIL PROTECTED]> writes:
> I have just used the command adduser to add some users to my system. I
> have noticed that each user added has read rights to other users home
> directory. Why is this? how can i stop adduser from creating home
> directories with these permissio
Hi
I have just used the command adduser to add some users to my system. I
have noticed that each user added has read rights to other users home
directory. Why is this? how can i stop adduser from creating home
directories with these permissions?
Thankyou
Charlie
[EMAIL PROTECTED] writes:
> Hi all,
>
> Somehow several directories on my 1.3.1 system have had their
> permissions changed. So far I have found /tmp and /var/spool. Is
> there some list somewhere that lists all the default permissions of
> these directories? Maybe a file in /etc or something?
Hi all,
Somehow several directories on my 1.3.1 system have had their
permissions changed. So far I have found /tmp and /var/spool. Is
there some list somewhere that lists all the default permissions of
these directories? Maybe a file in /etc or something? I think it
happened when I tried to us
Rick Jones <[EMAIL PROTECTED]> writes:
> The reason I opted for mc in the first place was for the ability to tag or
> untag directories to avoid copying /proc and the /mnt directories. Since
> it had the option to retain UID's and GID's I thought it was a safe
> option. I backfired on me which I
s
such.
I will say that other than the directory permissions it worked well. I
should have followed my usual procedure of dbl checking before I removed
the old file system.
The linuxconf suggestion changed some of the permissions for me. The
system is working without any errors other than the s
On Tue, 29 Apr 1997 Nathan E Norman <[EMAIL PROTECTED]> wrote:
-snip--
> Using the correct tools is important. David gives you one such tool - I
> personally type the following command in the directory I wish to copy:
> "find . -prin
On 13:28:43 Nathan E Norman wrote:
>
>Using the correct tools is important. David gives you one such tool - I
>personally type the following command in the directory I wish to copy:
>"find . -print | cpio -p /target". This is of course a simplification;
>find and cpio have a lot of powerful opti
On Apr 29, Nathan E Norman wrote
>
> On Tue, 29 Apr 1997, David Wright wrote:
>
> > On Tue, 29 Apr 1997, Rick Jones wrote:
> >
> > > [ description of problem ]
> > >
> > > I did this to avoid a full install when I repartitioned since I have no
> > > backup system and have installed from ftp. S
Rick Jones wrote:
> 1. Is there an easy way to reset the permissions of my directories to
> what they should be? Such as a program that I can exicute that will set
> them or go through and prompt me for the changes.
I'd suggest using the dpkgcert package by Klee Dienes - it scans
all of the fi
On Tue, 29 Apr 1997, David Wright wrote:
> On Tue, 29 Apr 1997, Rick Jones wrote:
>
> > [ description of problem ]
> >
> > I did this to avoid a full install when I repartitioned since I have no
> > backup system and have installed from ftp. Somebody out there must have a
> > good way to reset
On Tue, 29 Apr 1997, Rick Jones wrote:
> As some of you are aware, I recently transfered my file system from hda1
> to hda2. When I did it I used midnight commander.
>
> MC has an option to keep UID's and GID's when copying. Supprise! It only
> does this on the files. When it created the direc
As some of you are aware, I recently transfered my file system from hda1
to hda2. When I did it I used midnight commander.
MC has an option to keep UID's and GID's when copying. Supprise! It only
does this on the files. When it created the directories on hda2 it
made them ALL root.root using um
64 matches
Mail list logo