TildeClub/site
1
1
Fork 0
mirror of https://github.com/tildeclub/site.git synced 2026-03-10 05:50:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

groupmems availability

Browse Source 
added groupmems functionality for users.
This commit is contained in:
deepend-tildeclub
2025-12-12 08:44:43 -07:00
committed by GitHub
parent 26845ec2f0
commit 1c4afa6e03
1 changed files with 55 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
wiki/source/security.md
View File

@@ -1,10 +1,9 @@
--- ---
title: Editing Basic UNIX Security the Tilde way title: Editing Basic UNIX Security the Tilde way
author: michaelcoyote author: michaelcoyote. updated by deepend
category: tutorials category: tutorials
--- ---
> "Unix is public by default. This means that other people who use the server can see your files. You can change that on a file-by-file basis. You can also change the default behavior for you. It is totally okay to keep your stuff private. Let us show you how." > "Unix is public by default. This means that other people who use the server can see your files. You can change that on a file-by-file basis. You can also change the default behavior for you. It is totally okay to keep your stuff private. Let us show you how."
Unix was built with a fairly open security policy. It's the kind of system you might expect a bunch of Berkley hippies to design. That said, if it bugs you that someone might be able to look the files in your home directory and you don't want to read any more of this document then run these commands: Unix was built with a fairly open security policy. It's the kind of system you might expect a bunch of Berkley hippies to design. That said, if it bugs you that someone might be able to look the files in your home directory and you don't want to read any more of this document then run these commands:
@@ -25,7 +24,7 @@ There are several attributes that define a user.
- user id (or uid) - user id (or uid)
This is your unique numerical id number on the system. This is how the system keeps track of you, your processes, and your files. This is your unique numerical id number on the system. This is how the system keeps track of you, your processes, and your files.
- group id (or gid) - group id (or gid)
This is a unique numerical id number for your primary user group on the system. User groups are the traditional way that users would colaberate on large projects. This is a unique numerical id number for your primary user group on the system. User groups are the traditional way that users would collaborate on large projects.
For now we only need to know about the username. For now we only need to know about the username.
@@ -48,7 +47,6 @@ What does this long file listing of `my_file` show us?
-rw-rw-r-- 1 youruser youruser 177 Oct 13 04:51 my_file -rw-rw-r-- 1 youruser youruser 177 Oct 13 04:51 my_file
---------- --- ------- -------- ----- ------------ ------------- ---------- --- ------- -------- ----- ------------ -------------
| | | | | | | | | | | | | |
| | | | | | File Name
| | | | | +--- Modification Time | | | | | +--- Modification Time
| | | | +------------- Size (in bytes) | | | | +------------- Size (in bytes)
| | | +----------------------- Group owner | | | +----------------------- Group owner
@@ -78,6 +76,7 @@ The first column at first glance looks like a bunch of alphabet soup, however if
#### Types of permissions #### Types of permissions
There are three major types of permissions (and a hand full of others) There are three major types of permissions (and a hand full of others)
- Read - Read
Read permission is represented as an `r` and will allow a listing of a directory and reading a file. Read permission is represented as an `r` and will allow a listing of a directory and reading a file.
- Write - Write
@@ -116,7 +115,6 @@ Examples
ls -l test/a_file ls -l test/a_file
#### Basics about the `finger` and `chfn` commands #### Basics about the `finger` and `chfn` commands
How to see others in the system using `finger` How to see others in the system using `finger`
@@ -154,3 +152,46 @@ The `id` command is a tool to show us how the system keeps track of us. From thi
- use the `grep` command to find your uid in the `/etc/passwd` file - use the `grep` command to find your uid in the `/etc/passwd` file
As noted above, we can obtain our group id using the `id` command. Try locating your group in `/etc/group` using the commands that were specified above; your group name will probably be the same as your user (although at times this might not be true depending on the configuration of the system). As noted above, we can obtain our group id using the `id` command. Try locating your group in `/etc/group` using the commands that were specified above; your group name will probably be the same as your user (although at times this might not be true depending on the configuration of the system).
#### Using your personal group for collaboration (`groupmems`)
On this tilde server, each user normally has a *personal* group with the same name as their login. For example:
- user: `youruser`
- primary group: `youruser`
You can use this personal group to give trusted friends access to files and directories you own, without making them world-readable.
To make this easier, the server provides a helper command you use with `sudo`:
- List who is in your personal group:
```sh
sudo self-groupmems list
```
- Add another user to your group:
```sh
sudo self-groupmems add otheruser
```
- Remove a user from your group:
```sh
sudo self-groupmems del otheruser
```
This only affects membership of **your** personal group. It does **not** change your primary group, and it does not let you modify other system groups.
Once someone is in your group, you can share things with them by making the group the owner and giving it access:
```sh
# Make a shared directory
mkdir ~/shared
# Set the group to your personal group (usually already true)
chgrp "$USER" ~/shared
# Let your group read/write/enter it, but keep others out
chmod 770 ~/shared