Re: x only works for root

To: debian-user@lists.debian.org
Subject: Re: x only works for root
From: Paul Morgan <paulswm@earthlink.net>
Date: Sun, 30 Nov 2003 19:18:08 -0500
Message-id: <[🔎] pan.2003.12.01.00.18.06.717514@earthlink.net>
References: <[🔎] 3FCA4016.3040808@comcast.net> <[🔎] pan.2003.11.30.19.16.06.165466@earthlink.net> <[🔎] 3FCA4E09.6020606@comcast.net> <[🔎] pan.2003.11.30.20.33.49.544956@earthlink.net> <[🔎] 1070237421.459.2.camel@cordelia>

On Mon, 01 Dec 2003 00:10:22 +0000, Peter Whysall wrote:

> On Sun, 2003-11-30 at 20:34, Paul Morgan wrote:
>> On Sun, 30 Nov 2003 14:07:37 -0600, tripolar wrote:
>> 
>> > Thanks a million
>> > both gnome & kde work now as regular user
>> > Paul Morgan wrote:
>> > 
>> >>/tmp should be owned by root and open to everyone:
>> >>
>> >>drwxrwxrwx    9 root     root         4096 Nov 30 14:14 /tmp
>> >>
>> >>as root, do
>> >>chown root:root /tmp
>> >>chmod 777 /tmp
>> >>
>> >>
>> >>  
>> >>
>> 
>> Great!
>> 
>> BTW, One thing to look out for (not you specifically, but any reader
>> in general): if one is breaking out filesystems into separate partitions,
>> or copying filesystems (or LVs if you're using LVM), remember not only to
>> copy the data *in* the old filesystem to the new, but also remember to set
>> the permissions correctly on the new filesystem.
>> 
>> For example:
>> 
>> mount /dev/hdXX /mnt/new-usr
>> cp -ax /usr/* /mnt/new-usr
>> 
>> ls -ld /usr and chown, chmod /mnt/new-usr to match.
>> 
>> Actually, one can set something like this automatically by doing
>> 
>> mount /dev/hdXX /mnt/usr
>> cp -ax /usr /mnt
>> 
>> Then cp will copy the top-level /usr directory together with all its
>> attributes.
>> 
>> I only mention it because this is something I've forgotten a few times,
>> and gdm, postgres, nntpcached and squid have all got pissed off with me :)
> 
> Actually, I think it's better practice to set the sticky bit with "chmod
> 1777 /tmp".
> 
>>From the chmod man page:
> 
> STICKY DIRECTORIES
>        When  the  sticky  bit  is set on a directory, files in that
> directory may be unlinked or renamed only by root or their owner. 
> Without the sticky
>        bit, anyone able to write to the directory can delete or rename
> files.  The sticky bit is commonly found on directories, such as  /tmp, 
> that  are
>        world-writable.
> 
> 
> Regards,
> 
> Peter.

Very good point, I forgot to do that to my own, just done
it, thanks Peter.

-- 
....................paul

"The average lifespan of a Web page today is 100 days. This is no way to
run a culture."

Internet Archive Board Chairman

Reply to:

References:
- x only works for root
  - From: tripolar <tripolar@comcast.net>
- Re: x only works for root
  - From: Paul Morgan <paulswm@earthlink.net>
- Re: x only works for root
  - From: tripolar <tripolar@comcast.net>
- Re: x only works for root
  - From: Paul Morgan <paulswm@earthlink.net>
- Re: x only works for root
  - From: Peter Whysall <peter@whysall.net>

Prev by Date: Re: Godel [was Re: qmail Re: freebsd - Re: recommended Virus Scanner?]
Next by Date: Re: Modem detection and installation problems
Previous by thread: Re: x only works for root
Next by thread: improving security on a home server
Index(es):
- Date
- Thread