[Gllug] how to exclude some users from a drive?
Andrew Farnsworth
farnsaw at stonedoor.com
Wed Apr 2 21:13:19 UTC 2008
John Edwards wrote:
> On Wed, Apr 02, 2008 at 04:54:20PM -0400, Andrew Farnsworth wrote:
>
>> salsaman at xs4all.nl wrote:
>>
> <snip>
>
>>> Shouldn't that be chmod 770 ?
>>>
>
>
>> You are correct, as usual I got this backwards. See
>> http://en.wikipedia.org/wiki/File_system_permissions#Octal_notation
>>
>> For completeness, the following is the General form, followed by the
>> corrected detail form.
>>
>> General Usage:
>> chown <new owner> <path to directory>
>> chgrp <new group> <path to directory>
>> chmod <Owner Permissions> <Group Permissions> <World Permissions>
>> <path to directory>
>>
>> chmod -R 770 /media/mounted_volume
>>
>> Note:
>> -R Signals recursively chmod, chgrp, chown and you might not want to
>> change these recursively, just restrict access to the top level.
>> 770 = Read/Write/Execute permissions to Owner, Read/Write/Execute
>> permissions to
>> Group, No permissions to World
>>
>
> But 770 forces the execute bit on all files, even those that you may
> not want to execute.
>
> It would be better to use 'chmod -R o-rwx' which will remove te read,
> write and execute bits for users that do not own the file or are in
> the group for that file.
>
> *But* this only works for UNIX like file systems. If the device you
> plugin is a CdROM or a USB stick then it will use something like
> ISO9660 or FAT instead.
>
> I think it is better to do this through controlling membership of the
> group that are allowed to mount these file systems, as James Holland
> has emailed earlier with the GUI instructions.
>
Hmm, yes, that does seem to present a better way of doing this. I guess
it really depends on how the machine in question is used and exactly
what you want to do with the mounted volumes.
Andrew Farnsworth
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list