Ghosthaven
January 27th, 2012, 09:35 PM
This may take a moment to explain...
I own and run a MUD (think World of Warcraft except text only
using oldschool telnet protocol). I've ran this MUD for many
years now and for the past year or so have ran it off a home
ubuntu server.
I want to move the MUD to a dedicated VM that runs nothing but
a clean copy of Ubuntu server. This will allow me to give out
limited shell access to other members of my admin staff so the
workload on me is lightened somewhat.
My problem is I'm unable to clearly understand permissions to the
extent that I need to make this work.
My mud has this directory structure.
MUD->
area (read/write required for all users)
logs (read required for all users)
player (locked)
src (no read/write for all files, execution allowed for one
shell script that runs one program in this directory)
My problem is I can't figure out how to arrange it so I can
access everything, the MUD can access all its own files with
both read and write, and so I can limit the access to my staff.
If I give execution access to this one shell script (called
startup in the src directory) then when one of my staff members
runs it, it'll run under their user, which won't have write
access to the area and player directory that the MUD needs.
I THINK the solution is to create a user account just for the
MUD, allowing the MUD to access everything, but limiting it
to other users. But I don't know of any kind of Do-As command
that'll let someone else execute the required shell
script/program as needed. At least not one that doesn't require
knowledge of the password.
I fully understand how chmod and chown work... I just can't
figure out how to use them to get the result I want.
If I haven't explained things clearly, please excuse me... my
brain is fried from worrying about this for hours. I'll be glad
to clear up any gray areas.
I own and run a MUD (think World of Warcraft except text only
using oldschool telnet protocol). I've ran this MUD for many
years now and for the past year or so have ran it off a home
ubuntu server.
I want to move the MUD to a dedicated VM that runs nothing but
a clean copy of Ubuntu server. This will allow me to give out
limited shell access to other members of my admin staff so the
workload on me is lightened somewhat.
My problem is I'm unable to clearly understand permissions to the
extent that I need to make this work.
My mud has this directory structure.
MUD->
area (read/write required for all users)
logs (read required for all users)
player (locked)
src (no read/write for all files, execution allowed for one
shell script that runs one program in this directory)
My problem is I can't figure out how to arrange it so I can
access everything, the MUD can access all its own files with
both read and write, and so I can limit the access to my staff.
If I give execution access to this one shell script (called
startup in the src directory) then when one of my staff members
runs it, it'll run under their user, which won't have write
access to the area and player directory that the MUD needs.
I THINK the solution is to create a user account just for the
MUD, allowing the MUD to access everything, but limiting it
to other users. But I don't know of any kind of Do-As command
that'll let someone else execute the required shell
script/program as needed. At least not one that doesn't require
knowledge of the password.
I fully understand how chmod and chown work... I just can't
figure out how to use them to get the result I want.
If I haven't explained things clearly, please excuse me... my
brain is fried from worrying about this for hours. I'll be glad
to clear up any gray areas.