This may be a little off topic but, When you're adding users, is there a way I can specify those groups in the initial account setup? I know I can specify mail, but I want to allow users access to telnet and ftp as well but from what I've seen, I don't need to specify those as they're there by default. Is this correct? regards, Shaun.. On Wed, 25 Apr 2001, Geoff Shang wrote: > On Sat, 21 Apr 2001, Jack wrote: > > > i was curious if anyone knows how to apply permissions such as specific > > directory access, access to specific programs or utilities, and time limits > > on specific users or accounts. > > also i was wondering if it was possible to make groups with those > > particular permissions set, so all i need do is asign the user or users to > > that group. > > OK the file stuff has been answered already. A few other notes. > > You can limit people's access to programs by exempting some executable > directories from their path variable. Note that this will not physically > stop them from running anything if they know where it is or if they > manually change their path but it will stop people from being able to run > them easily by default. > > I'm not sure about time limits but I know a few people on here know about > such things. > > You can hopefully deduce from the prior discussions on file permissions how > you can use groups to control group access to files and devices. The > groups are stored in /etc/group and the format is: > > <groupname>:x:<groupnum>:<member1>[,<member2>,<member3>] > > for example: > > audio:x:29:geoff,amanda > > This definition means that anyone in the audio group can access files or > devices with the permissions specified for the group audio, regardless of > the owner. For example, my /dev/dsp has rw-rw---- which means that root > can read and write (i.e. listen/record and play), and so can anyone in the > audio group. If I wanted only root to be able to record but still allow > the audio group to play back audio, I could change the permissions to > rw-r----- > > Note that your system probably has many groups defined by default, with > file permissions set sensibly for these groups. Thus, it's a good idea to > examine /etc/group, see what groups are already there, find out what files > are accessable by which groups, then add users to groups as appropriate. > > Geoff. > > > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup >
