On Sat, 21 Apr 2001, Jack wrote: > i was curious if anyone knows how to apply permissions such as specific > directory access, access to specific programs or utilities, and time limits > on specific users or accounts. > also i was wondering if it was possible to make groups with those > particular permissions set, so all i need do is asign the user or users to > that group. OK the file stuff has been answered already. A few other notes. You can limit people's access to programs by exempting some executable directories from their path variable. Note that this will not physically stop them from running anything if they know where it is or if they manually change their path but it will stop people from being able to run them easily by default. I'm not sure about time limits but I know a few people on here know about such things. You can hopefully deduce from the prior discussions on file permissions how you can use groups to control group access to files and devices. The groups are stored in /etc/group and the format is: <groupname>:x:<groupnum>:<member1>[,<member2>,<member3>] for example: audio:x:29:geoff,amanda This definition means that anyone in the audio group can access files or devices with the permissions specified for the group audio, regardless of the owner. For example, my /dev/dsp has rw-rw---- which means that root can read and write (i.e. listen/record and play), and so can anyone in the audio group. If I wanted only root to be able to record but still allow the audio group to play back audio, I could change the permissions to rw-r----- Note that your system probably has many groups defined by default, with file permissions set sensibly for these groups. Thus, it's a good idea to examine /etc/group, see what groups are already there, find out what files are accessable by which groups, then add users to groups as appropriate. Geoff.
