Wednesday, January 26, 2011

shared directory in linux?

so every user has a home folder.

but where do we put all shared files for a project?

thanks

From serverfault ajsie

  • Doesn't really matter, though I myself (and a lot of other people) tend to put things in /usr/local/projectname. Just set up a group, chown that directory to the group, and put all the people who are working on the project in that group.

    Really though, you should be using a source code repository such as CVS or Subversion when you're developing the code. It's much better than a shared directory.

    ajsie : i am using svn=) but for other files, it could be good to have a shared folder to access through the web.
    From Satanicpuppy

  • Wherever you like :)

    Seriously, I create a group folder which is accessible by members of a particular group working on a project.

    ajsie : but users are chained in their home directory. how do i make it available for them?
    Fladi : Please explain to us why they are chained to their $HOME? Are you talking about FTP or chroots?
    ajsie : i thought that regular users cant go outside there home folder? am i mistaking? so they can "cd" everywhere? isnt that a security problem?
    SvenW : No, if the system is configured in a sensible matter, it is not, as users are not allowed to do anything harmful for the system. For instance, you can change into /etc as normal user but are not allowed to read /etc/shadow with the passwords except you are root.
    ajsie : but why should users be allowed to be outside there home folders? what is the point? cause they do not maintain anything and should not sneak around in the system?
    labradort : Unix/Linux is generally an open system. The security is in place where needed. Try it. Can an ordinary user overwrite files in /usr/bin? No. Can an ordinary user see the error logs for apache or other services? Generally, no. Can an ordinary user create new folders nilly-willy on the system outside of the home dir? No.
    joschi : When normal users could only see their own `$HOME` (e. g. because of a *chroot*ed environment), they'd need their own `/tmp`, their own `/etc/passwd`, their own `/etc/resolv.conf`, their own ... - you get the point. So it's easier to let them read these files. As already mentioned, the users should not be able to harm the system when it's correctly configured.
    SvenW : One important reason is: You can't just restrict access to configuration files or binaries, or otherwise you couldn't use them. For instance, whenever you do an ls -l to list a directory with full usernames, the system will lookup the numerical uid it reads from the file system in /etc/passwd to give a name to that. This wouldn't be possible if the user couldn't read the file (contrary to it's name, this file doesn't hold any passwords). You couldn't even do the ls, because this is a binary for which you need the right to read and execute it in order to run it.
    From SvenW
Posted by Mu Cat at 6:20 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)