Re: granular acl in tmux
On 06/10/2016 02:11 PM, Bob wrote:
> How can I start a screen session as read-only at server end (now it is a
> voluntary option during attach).
Setting a session+user read-only from the server end is a feature I wish
tmux had.
Joining a tmux session read-only seems possible by restricting the
account. One way is to do it via the SSH server, either by modifying
the key with a command= or by modifying sshd_config with a
ForcedCommand. Another way, which I have been using, can be using sudo
where access to another user's session can only be accessed when the
read-only option is set and the specific session is named. Whether you
want a third account for that or not, I don't know, but to share a
session even read-only needs write permissions to the socket.
> how to control rwx ? Are those possible in tmux ?
Controlling rwx is done by setting the privileges for the tmux session's
socket. If it helps, you can specify which socket to use when tmux is
started and that can easily be worked into a short script or shell
function. -S is socket name with full path, but any directories in the
path must pre-exist.
> How can I detach a user from the session,
In which situation? Attaching to a session while detaching any other
clients already attached is "tmux a -d". But there are more options if
you look at the "detach" command in the manual page for tmux.
Regards,
Lars
Reply to: