RE: [Jailkit-users] Group management question

jailkit-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Jailkit-users] Group management question

From:	Al Sheldon
Subject:	RE: [Jailkit-users] Group management question
Date:	Wed, 16 Aug 2006 08:07:23 -0700

I tried changing group ownership and it keeps coming back that the group
is not owned by 100 (i.e. users).  I am not sure which version I am
running, I will check that today and see if I need to upgrade.

Thanks,

Al Sheldon
Systems Administrator
Jefferson Behavioral Health
PO Box 1870
Grants Pass, OR 97528
541.955.9565 (ext. 109)
541.955.9707 (fax)
541.761.5317 (cell)
address@hidden 

Confidentiality Notice - The information contained in this electronic
mail and any attachments is intended for the sole use of the intended
recipient(s), and may contain confidential and privileged information
protected by laws of the State of Oregon and the United States of
America.  Any unauthorized review, use, disclosure or distribution is
prohibited by law.  If you are not the intended recipient, please notify
the sender by reply e-mail, and destroy all copies of the original
message from your computer.
-----Original Message-----
From: address@hidden
[mailto:address@hidden On Behalf Of
Olivier Sessink
Sent: Tuesday, August 15, 2006 11:17 PM
To: address@hidden
Subject: Re: [Jailkit-users] Group management question

Al Sheldon wrote:
[..]
> I would like to setup a user who can access specific directories of
> specific Jail users, in other words a master to only a select set of
> users on the server.
[..]

you'll need to make the data readable for a certain group, make the
directory owned by that group and 'set group id on execution' so all
files will have that group, set the umask (option 'umask = 002' in
jk_lsh.ini inside the jail) and add the master user as member of that
group (in both /etc/group and <jail>/etc/group).

> However if I relax the group permissions I
> believe that the users would be able to view each others data?  And if
I
> change the group from users to something I create I cannot connect
(get
> an error that the group is not set to users). 

on the most recent jailkit (not sure if that is possible in 2.0, perhaps
only in CVS), there are new options for jk_chrootsh
'relax_home_group_permissions=1', and 'relax_home_group=1', that allow
you to have different group ownership and different permissions on the
users home directories.

regards,
        Olivier

_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-users] Group management question, Al Sheldon, 2006/08/15
- Re: [Jailkit-users] Group management question, Olivier Sessink, 2006/08/16
- RE: [Jailkit-users] Group management question, Al Sheldon <=
- RE: [Jailkit-users] Group management question, Al Sheldon, 2006/08/16
  - Re: [Jailkit-users] Group management question, Olivier Sessink, 2006/08/17

Prev by Date: Re: [Jailkit-users] Group management question
Next by Date: RE: [Jailkit-users] Group management question
Previous by thread: Re: [Jailkit-users] Group management question
Next by thread: RE: [Jailkit-users] Group management question
Index(es):
- Date
- Thread