File Permissions - newbie

File Permissions - newbie

Post by Soel » Mon, 28 Oct 2002 22:58:09



Hi,

I have just installed Linux Mandrake 9.0 and am having a few problems.
I know it is not wise to use the root account as default so I have
created one to use. The problem I am having is:
When I try to install things (netscape) and am asked if I would like
to create the new dir I say yes and am told I do not have permission
to do so.
The path is usr/local/netscape
I tried logging in as root, creating the folder and then logging back
in as soler to install it. I am then told I do not have permission to
install it there.
Is there a way I can give myself the permissions to everything? I am
the only user and would really like to have permission to everything.
If I try to install netscape under root it simply says it cannot find
the file even though it is there?!?!?
please help!!
Thanks in advance!

 
 
 

File Permissions - newbie

Post by Linux Newbi » Tue, 29 Oct 2002 01:26:24



Hello,

In Linux file permissions are manipulated by the chmod command.
The /usr directory does not allow a non-root user to write.
There are 2 ways you can install this application.

1.  Install it under /home/your_user_name
2.  If you want to install under /usr use chmod.
    Since you are the only user on the system and need a quick answer,

      chmod ugo+rwx /usr      

    will allow "everyone" to read, write, execute in the /usr directory.

Quote:>Hi,

>I have just installed Linux Mandrake 9.0 and am having a few problems.
>I know it is not wise to use the root account as default so I have
>created one to use. The problem I am having is:
>When I try to install things (netscape) and am asked if I would like
>to create the new dir I say yes and am told I do not have permission
>to do so.
>The path is usr/local/netscape
>I tried logging in as root, creating the folder and then logging back
>in as soler to install it. I am then told I do not have permission to
>install it there.
>Is there a way I can give myself the permissions to everything? I am
>the only user and would really like to have permission to everything.
>If I try to install netscape under root it simply says it cannot find
>the file even though it is there?!?!?
>please help!!
>Thanks in advance!


 
 
 

File Permissions - newbie

Post by mjt » Tue, 29 Oct 2002 02:00:42



> When I try to install things (netscape) and am asked if I would like
> to create the new dir I say yes and am told I do not have permission

.... when installing software, "su" to root (if required that is) and
run the installer [completely]; everything should be fine then.

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Michael J. Tobler: motorcyclist, surfer,  #    Black holes result
 skydiver, and author: "Inside Linux",     #   when God divides the  
 "C++ HowTo", "C++ Unleashed"              #     universe by zero

 
 
 

File Permissions - newbie

Post by Baard Ove Kopper » Tue, 29 Oct 2002 09:37:01



> Hi,

> I have just installed Linux Mandrake 9.0 and am having a few problems.
> I know it is not wise to use the root account as default so I have
> created one to use. The problem I am having is:
> When I try to install things (netscape) and am asked if I would like
> to create the new dir I say yes and am told I do not have permission

...

Though it's correct that you for several reasons shouldn't
use the 'root' account as your day-to-day account, there
are certain times when you *need* the added priviliges and
controll that it gives you.  Adding new users are one such
time... as is *installing* new software.

As a normal user, you only have priviliges from your
home-directory (/home/name) and downwards.  Even if
you create a directory as root, your normal alter-ego
have no permission to write in it.

Unless you chose to install something under your home-
directory -- to be used by that user alone -- you'll
need root-priviliges (so you're able to install globally).

root-priviliges should *only* be used when you actually
_need_ them, so you'll usually log-in as a normal user,
do what you can as this user (e.g. downloading, unpacking
and compiling new software), and only if and when you're
unable to do anything more as that user (e.g. like
installing) invoke root-priviliges.  The command 'su'
(followed by root's password) will allow you to become
root at any time... without logging-out.  Type 'exit'
to go back to your normal identity as soon as you
don't need root-priviliges any longer.

To prevent damage, you can use 'su <username>' once
again to become one of the system-users (like bin,
adm, mail, deamon) -- when you do it as 'root' you
won't be asked for password and may even enter
accounts closed for log-ins.  If you only intend
to clean-out the printer-directories, being 'root'
may be an over-kill... being just 'lp' or 'deamon'
may be enough, and you won't risk damageing anything
not related to printers.  If you want to fix the
mail, try becomming the user 'mail' and so on.

Alternatively, you can make your normal ID member of
some of the system-groups.  If you for example wants
to keep an eye on (and tamper with) the log-files, you
may make yourself a member of the adm-group.  But be
careful, you shouldn't be a member of most of them.

As 'root' you should never have "." (current-directory)
in your PATH... actually, you shouldn't relay on PATH
at all, but use the full-path for *all* commands.  That
way, you know exactly which command you run (instead
of typing "ls" to list files, you should type "/bin/ls").

You should also check and double check everything you've
typed before pressing "enter" and check that you actualle
are where you think you are in the directory-tree.  There
is a *huge* difference between "rm *.txt" and "rm * .txt"
-- especially when you're *not* in "/root" as you thought,
but rather in "/".

Remember, you can do much as a normal user.  You can
download software from the net.  You can unpack it.
You can compile it.  You can install it in a pseudo-
directory and make a package of it.  It's first when
you actually wants to *install* the software/package
that you _have to_ become 'root'.

I hope this helped.
Good luck.
-Koppe

 
 
 

File Permissions - newbie

Post by Greg » Wed, 30 Oct 2002 14:21:38


Thanks, excellent explanation of using ROOT properly.

Greg.




Quote:> > Hi,

> > I have just installed Linux Mandrake 9.0 and am having a few problems.
> > I know it is not wise to use the root account as default so I have
> > created one to use. The problem I am having is:
> > When I try to install things (netscape) and am asked if I would like
> > to create the new dir I say yes and am told I do not have permission
> ...

> Though it's correct that you for several reasons shouldn't
> use the 'root' account as your day-to-day account, there
> are certain times when you *need* the added priviliges and
> controll that it gives you.  Adding new users are one such
> time... as is *installing* new software.

> As a normal user, you only have priviliges from your
> home-directory (/home/name) and downwards.  Even if
> you create a directory as root, your normal alter-ego
> have no permission to write in it.

> Unless you chose to install something under your home-
> directory -- to be used by that user alone -- you'll
> need root-priviliges (so you're able to install globally).

> root-priviliges should *only* be used when you actually
> _need_ them, so you'll usually log-in as a normal user,
> do what you can as this user (e.g. downloading, unpacking
> and compiling new software), and only if and when you're
> unable to do anything more as that user (e.g. like
> installing) invoke root-priviliges.  The command 'su'
> (followed by root's password) will allow you to become
> root at any time... without logging-out.  Type 'exit'
> to go back to your normal identity as soon as you
> don't need root-priviliges any longer.

> To prevent damage, you can use 'su <username>' once
> again to become one of the system-users (like bin,
> adm, mail, deamon) -- when you do it as 'root' you
> won't be asked for password and may even enter
> accounts closed for log-ins.  If you only intend
> to clean-out the printer-directories, being 'root'
> may be an over-kill... being just 'lp' or 'deamon'
> may be enough, and you won't risk damageing anything
> not related to printers.  If you want to fix the
> mail, try becomming the user 'mail' and so on.

> Alternatively, you can make your normal ID member of
> some of the system-groups.  If you for example wants
> to keep an eye on (and tamper with) the log-files, you
> may make yourself a member of the adm-group.  But be
> careful, you shouldn't be a member of most of them.

> As 'root' you should never have "." (current-directory)
> in your PATH... actually, you shouldn't relay on PATH
> at all, but use the full-path for *all* commands.  That
> way, you know exactly which command you run (instead
> of typing "ls" to list files, you should type "/bin/ls").

> You should also check and double check everything you've
> typed before pressing "enter" and check that you actualle
> are where you think you are in the directory-tree.  There
> is a *huge* difference between "rm *.txt" and "rm * .txt"
> -- especially when you're *not* in "/root" as you thought,
> but rather in "/".

> Remember, you can do much as a normal user.  You can
> download software from the net.  You can unpack it.
> You can compile it.  You can install it in a pseudo-
> directory and make a package of it.  It's first when
> you actually wants to *install* the software/package
> that you _have to_ become 'root'.

> I hope this helped.
> Good luck.
> -Koppe

 
 
 

1. Newbie: Unix File Permissions on HTML files?

Hello,

I am trying to set UNIX (Linux) file permissions in a way that no one
except the webadministrator can
read (no reading is what I want!) or access the web file in Apaches
DocumentRoot directory.

The idea is that the administrator is not the user that actually owns
the server process.
Therefore I wanted to set up a common group for the server process user
(lets say ARUN) and the
Web Administrator (lets call him ADMIN). Then ADMIN should theoretically
create alle the files
with 750 or similar permissions.
Since I give full access to the group (let's call it AGROUP), Apache,
running as ARUN, should be able to
serve all those files belonging to AGROUP.

In practice though Apache gives me an -->access denied error that looks
like this in Netscape:

The reson for this setup is that I don't want anybody to login as ARUN
and I can create as many
ADMIN_1, ADMIN_2, ... accounts as I want, and therefore being able to
track which admin changed
which file since the individual user would be the owner of the file
(unless they maliciously erase their traces).

One more note:
For all other operations this setup works just fine, only Apache doesn't
like it.
Doesn't Apache evaluate the group permissions for some reason???
(Apache is started from root in the boot scripts , but then changes to
the ARUN user)

What am I doing wrong?

Thanx a lot,

Bodo

--
BBB  EEEEE H    H  Dipl.-Ing. Bodo E. Hasubek BBB  EEEEE H    H
B  B E     H    H  University of Calgary      B  B E     H    H
BBB  EEEE  HHHHHH  Dept. of El. & Comp. Eng.  BBB  EEEE  HHHHHH
B  B E     H    H  2500 University Dr. NW     B  B E     H    H
B  B E     H    H  Calgary, AB   T2N 1N4      B  B E     H    H
BBB  EEEEE H    H  CANADA                     BBB  EEEEE H    H
                   FAX   (403) 282-6855

2. Raise MAX_MP_BUSSES to 256 on SMP boxes

3. File permissions/access and CHAP - confused newbie!

4. HPT366 problem

5. Newbie:Unable to set default file permissions!!

6. STB Nitro

7. Setting File/Directory Permissions - newbie question.

8. need help for new system

9. newbie needs help with file permissions

10. File and directory permissions - Newbie

11. Newbie file permission question

12. Help. File permissions (Unix Newbie)

13. newbie: giving file permissions to a specific person