Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
PostPosted: Sun Jun 05, 2011 1:08 am 
Offline
Senior Newbie

Joined: Sun Jan 24, 2010 4:21 pm
Posts: 16
Location: Herning
Hi everyone

I've been running a linode for a while now, but is has been a simple single user system - Me ;)

And now more users are going to be hosted on my linode, mostly just web and version control. But how do i manage that in a secure way for everyone so no one gets access to the wrong libraries.

I thought that one location for everything

/srv

was the most logical thing to do, makes it easier to backup.

For each company / friend i make a set of folders

Single user
/srv/friend1/www
/srv/friend1/svn
/srv/friend1/data

multiple users
/srv/company1/www
/srv/company1/svn
/srv/company1/data

/srv/company2/www
/srv/company2/svn
/srv/company2/data

/srv/friends2and3/www
/srv/friends2and3/svn
/srv/friend2and3/data

But how do i make groups and assign users to these groups, and then limit the user or group to their /srv location?

People are going to use scp to upload files and etc, and when i log in with my normal user today, i can go into any directory and copy files etc - I really don't want ppl to be able to access other ppls files. How do i secure them from eachother?

And is there anything else I've forgot thats crucial?

Hope someone can share some wisdom :)


Top
   
 Post subject:
PostPosted: Mon Jun 06, 2011 1:36 pm 
Offline
Junior Member

Joined: Sun Apr 17, 2005 4:19 pm
Posts: 41
You know, by default, if you add a user, they get their own directory in /home and you can set it so by default /home/user is has 770 permissions (umask of 007) so no one else can see each other's stuff.

Then you can have /home/user1/web, /home/user1/svn, etc. Be sure to make it so /home/$user/web can be read by others so apache can see it. (Unless you're going to run each domain as a different user, there's some apache module for that, too.)

Each user gets a group with their own name. And if you need to create a /home/grouping1 that has multiple people who need access, create a group called grouping1 and then add user1 and user2 to it.

Then you just backup /home and /etc (which has all of your configs) and /root (which, for me contains nothing, but who knows what you're doing).


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group