Re: x only works for root
On Mon, 01 Dec 2003 00:10:22 +0000, Peter Whysall wrote:
> On Sun, 2003-11-30 at 20:34, Paul Morgan wrote:
>> On Sun, 30 Nov 2003 14:07:37 -0600, tripolar wrote:
>>
>> > Thanks a million
>> > both gnome & kde work now as regular user
>> > Paul Morgan wrote:
>> >
>> >>/tmp should be owned by root and open to everyone:
>> >>
>> >>drwxrwxrwx 9 root root 4096 Nov 30 14:14 /tmp
>> >>
>> >>as root, do
>> >>chown root:root /tmp
>> >>chmod 777 /tmp
>> >>
>> >>
>> >>
>> >>
>>
>> Great!
>>
>> BTW, One thing to look out for (not you specifically, but any reader
>> in general): if one is breaking out filesystems into separate partitions,
>> or copying filesystems (or LVs if you're using LVM), remember not only to
>> copy the data *in* the old filesystem to the new, but also remember to set
>> the permissions correctly on the new filesystem.
>>
>> For example:
>>
>> mount /dev/hdXX /mnt/new-usr
>> cp -ax /usr/* /mnt/new-usr
>>
>> ls -ld /usr and chown, chmod /mnt/new-usr to match.
>>
>> Actually, one can set something like this automatically by doing
>>
>> mount /dev/hdXX /mnt/usr
>> cp -ax /usr /mnt
>>
>> Then cp will copy the top-level /usr directory together with all its
>> attributes.
>>
>> I only mention it because this is something I've forgotten a few times,
>> and gdm, postgres, nntpcached and squid have all got pissed off with me :)
>
> Actually, I think it's better practice to set the sticky bit with "chmod
> 1777 /tmp".
>
>>From the chmod man page:
>
> STICKY DIRECTORIES
> When the sticky bit is set on a directory, files in that
> directory may be unlinked or renamed only by root or their owner.
> Without the sticky
> bit, anyone able to write to the directory can delete or rename
> files. The sticky bit is commonly found on directories, such as /tmp,
> that are
> world-writable.
>
>
> Regards,
>
> Peter.
Very good point, I forgot to do that to my own, just done
it, thanks Peter.
--
....................paul
"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."
Internet Archive Board Chairman
Reply to: