foppa
01-04-2001, 09:57 PM
I got the Maximum Linux Security book for Christmas. Great book, but I ran into some trouble following the examples on manually adding new users and setting up their accounts.
(It shouldn't matter for this example, but I'm running Slackware 7.1)
Assuming the user account has been created, the steps for setting up the home directory in the book are:
(1)# mkdir /home/newuser
(2)# cp /etc/skel/.* /home/newuser
(3)# chown newuser /home/newuser
(4)# chown newuser /home/newuser/.*
(5)# chgrp newuser group /home/newuser
(6)# chgrp newuser group /home/newuser/.*
(7)# chmod 755 /home/newuser
(8)# chmod 644 /home/newuser/.*
Everything goes smoothly, until someone other than 'newuser' attempts to log in. They are not allowed into their home directory and default to / as pwd. Even root is locked out of his (in my case) home directory.
Doing an ls -l from / reveals that /home is owned by newuser and has 644 permission.
If I understand correctly, Linux is doing exactly what it's told, and lines 6 and 8 are the culprits, as changing the ownership and permissions of /home/newuser/.* effectively changes the ownership and permissions of /home.
Is this a typo in the book (page 90)?
Is there a better way to set up users' home directories? (Besides the 'adduser' command)
Wouldn't it be easier to use the -R flag with the chown, chgrp, and chmod commands?
TIA
------------------
"Two rules to success in life:
1. Don't tell people everything that you know."
--Sassan Tat
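Added example, not from the book or from the post above: in shells where `/home/newuser/.*` also expands to `/home/newuser/..`, the commands run on that glob reach `/home` itself, so this sketch does the same setup with patterns that cannot match `.` or `..`. The temp-directory layout, function names and sample dotfiles are constructed for illustration, and `stat -c` assumes GNU or busybox stat.

```shell
#!/bin/sh
# Added example: runs in a temp directory; nothing under /home is touched.

# Octal mode of a path (GNU/busybox stat syntax, an assumption).
mode_of() { stat -c '%a' "$1"; }

# Return 0 if this shell expands "$1"/.* to include "..", in which case
# chown/chgrp/chmod on that glob also hit the parent directory.
# bash 5.2+ skips "." and ".." by default (globskipdots); older shells do not.
glob_hits_parent() {
    for p in "$1"/.*; do
        [ "${p##*/}" = ".." ] && return 0
    done
    return 1
}

# Build a home directory from a skeleton without ever naming "." or "..".
# $1 = skeleton dir, $2 = new home dir, $3 = owner as uid:gid
setup_home() {
    skel=$1 home=$2 owner=$3
    mkdir "$home" || return 1
    # "$skel/." copies the contents, dotfiles included, with no glob at all.
    cp -R "$skel/." "$home" || return 1
    chown "$owner" "$home" || return 1
    chmod 755 "$home" || return 1
    # .[!.]* matches ".x..." and ..?* matches "..x..."; neither matches "." or "..".
    for f in "$home"/.[!.]* "$home"/..?*; do
        [ -e "$f" ] || continue          # an unmatched pattern stays literal
        chown "$owner" "$f" || return 1
        if [ -d "$f" ]; then chmod 755 "$f"; else chmod 644 "$f"; fi
    done
}

# Constructed sandbox standing in for /home (mode 755) and /etc/skel.
demo() {
    root=$(mktemp -d) || return 1
    mkdir "$root/home" "$root/skel"
    chmod 755 "$root/home"
    : > "$root/skel/.profile"; : > "$root/skel/.bashrc"
    chmod 600 "$root/skel/.profile"
    setup_home "$root/skel" "$root/home/newuser" "$(id -u):$(id -g)" || return 1
    if glob_hits_parent "$root/home/newuser"; then echo "this shell: .* includes .."; fi
    echo "home=$(mode_of "$root/home") newuser=$(mode_of "$root/home/newuser")" \
         "profile=$(mode_of "$root/home/newuser/.profile")"
    rm -rf "$root"
}

demo
```

The parent directory keeps mode 755 after the run, while the copied dotfiles end up 644 regardless of their mode in the skeleton.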