Solved - Mutltiple users - What should I see in /home?

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Post Reply
wilbobob
Level 3
Level 3
Posts: 125
Joined: Thu Dec 15, 2011 4:30 am
Location: Leicestershire

Solved - Mutltiple users - What should I see in /home?

Post by wilbobob » Mon Mar 23, 2015 2:23 pm

I'm setting up some recycled PC's for a local pre-school with LM17 Mate. I've been asked to provide an Admin account for the Head Teacher, and a restricted account for the staff to do their daily recording. Head is to have access to staff files, but staff do not have access to Heads files.
I've got it working OK, but when I log into the Staff account I can see both the Admin and Staff folders. Is it possible to hide the Admin folder in the /home folder view just to reduce the temptation to try to get into the Admin account from the Staff account?
Last edited by wilbobob on Mon Mar 23, 2015 3:52 pm, edited 1 time in total.
Go Steady, but keep going

MrBob22
Level 3
Level 3
Posts: 194
Joined: Mon Mar 26, 2012 8:05 pm

Re: Mutltiple users - What should I see in /home?

Post by MrBob22 » Mon Mar 23, 2015 2:43 pm

A simple thing to do is append a period in front of the name of the folder. It then is (mostly) hidden. (I say mostly, because you can bypass the hidden thing with ls -a, which lists all the files, hidden or not.) Take care, MrBob22

User avatar
WharfRat
Level 21
Level 21
Posts: 13148
Joined: Thu Apr 07, 2011 8:15 pm

Re: Mutltiple users - What should I see in /home?

Post by WharfRat » Mon Mar 23, 2015 2:46 pm

You can't hide it, but if you chmod it

Code: Select all

sudo chmod 0700 /home/admin
or whatever the account is no one will be able to get a at
ImageImage

User avatar
SleeperService
Level 3
Level 3
Posts: 102
Joined: Fri Mar 20, 2015 12:06 pm

Re: Mutltiple users - What should I see in /home?

Post by SleeperService » Mon Mar 23, 2015 2:58 pm

Changing the names of home folders is a dicey proposition, could break a lot of things...

I would

Code: Select all

sudo chmod 0750 /home/admin
if there is only one admin or

Code: Select all

sudo chmod 0770 /home/admin
if there are multiple users in the admin group and you want them to all be able to access each others home folders. The former will allow r-w-x permissions for the user and r-x permission for the admin group while making the directory inaccessible to the world, the latter will give full permission to the admin group members while also keeping the folders inaccessible to the world.

See here for a full write up. http://www.howtogeek.com/190084/how-to- ... ntu-14.04/ and http://en.wikipedia.org/wiki/File_syste ... c_notation

Edit: see WharfRat beat me to it... chmod 700 should work too... :P Doing that takes the admin group out of the picture altogether.
Think Penguin Korora, i5-4200U, Intel HD 4400, 4gb DDR3, Crucial MX100 SSD, Mint 17.2 Cinnamon 64-bit

wilbobob
Level 3
Level 3
Posts: 125
Joined: Thu Dec 15, 2011 4:30 am
Location: Leicestershire

Re: Mutltiple users - What should I see in /home?

Post by wilbobob » Mon Mar 23, 2015 3:51 pm

Thanks all
As usually happens I can't find the answer I need, so I post a query. Then try searching using a different approach and get where I need. What I found is what you all said. I can hide the admin folder, but then I won't be able to see it when logged in as admin. I can reference the admin folder in another folder called for example .hidden, but same objection applies.
Looks like the only sensible solution is to make sure permissions are such that there is only admin in admin group, and only admin is allowed to read/write within the folder. It'll mean that the staff users will be aware that there is an admin account on the machines, but they'll soon stop seeing it when they become accustomed to looking for their own documents.
Go Steady, but keep going

User avatar
MtnDewManiac
Level 6
Level 6
Posts: 1456
Joined: Fri Feb 22, 2013 5:18 pm
Location: United States

Re: Mutltiple users - What should I see in /home?

Post by MtnDewManiac » Tue Mar 24, 2015 12:38 am

MrBob22 wrote:A simple thing to do is append a period in front of the name of the folder. It then is (mostly) hidden. (I say mostly, because you can bypass the hidden thing with ls -a, which lists all the files, hidden or not.)
...or you could just press Ctrl-h while in the parent directory in just about any file manager :lol: . So... yeah, if you've got employees that would disobey a direct order from a supervisor (vis-à-vis "Do NOT access any directories in the /home folder other than ones under your own name) in the first place, that probably isn't the solution I would choose. (I might, however, place a folder in the /Admin directory called "You are being recorded and if you are seeing this, you are FIRED!")
wilbobob wrote:Looks like the only sensible solution is to make sure permissions are such that there is only admin in admin group, and only admin is allowed to read/write within the folder.
That's common sense. Also, do not give other users "superuser" permissions.
wilbobob wrote:It'll mean that the staff users will be aware that there is an admin account on the machines, but they'll soon stop seeing it when they become accustomed to looking for their own documents.
It shouldn't matter whether they see the existence of another user's (Admin OR another staff member) folders or not, they shouldn't get bent out of shape over not being able to access said folders. If they do, well... They ought to be kindly(?) terminated so that they do not have a chance to influence young children, lol. Or I suppose you could just tell them that when they purchase and install the next 30 computer setups, they can have a small vote in making policy :lol: . But, mainly, I'd probably go with the "this is not YOUR information, would you like me to walk into your house and start looking around when you aren't there" sort of strategy. If they can't deal with it out of simple respect, they can deal with it because it's more than their job is worth to complain about it :roll: .

BtW, thanks for going the linux route instead of Microsoft.

Regards,
MDM
Mint 18 Xfce 4.12.

If guns kill people, then pencils misspell words, cars make people drive drunk, and spoons made Rosie O'Donnell fat.

Post Reply

Return to “Newbie Questions”