Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: chmod to give a remote server read priveleges to a client home directory

  1. #1
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    750
    Distro
    Ubuntu 20.04 Focal Fossa

    chmod to give a remote server read priveleges to a client home directory

    Hello Ubuntuers!

    I've set up a server computer to backup a home directory on a client computer.

    The user name on the server is: serverusername.

    The server ip address is: serveripaddress.

    The home directory of the client computer is: /home/username

    On the client computer, I want to issue a chmod command that gives serverusername computer read permission to /home/client and everything within (below) /home/client

    On the client computer I need to change read permissions for /home client using the chmod command.

    This is what I think the command should look like:

    chmod -R servername#serveripaddress o=r /home/username

    Am I correct?

    If I'm not correct, would you kindly offer a correction?

    Thanks!
    Old Jimma from the Old Country

  2. #2
    Join Date
    Jun 2019
    Location
    Dirndl-land
    Beans
    858
    Distro
    Lubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    chmod only changes the permissions for files/directories, meaning drwxrwxrwx (user/group/other).
    If you want to change ownership, you need to use chown, which only applies to user:group.

    As I understand it, you want to allow an external server to access and read a certain file structure, but it is not a group member, so: other.
    In that case, your command on the client would be:

    chmod -R o+rx /home/username

    "x" is needed for "other" to traverse the subdirectories.

    Now, how your server gets access is a completely different story.

  3. #3
    Join Date
    May 2006
    Location
    Switzerland
    Beans
    2,904
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    Quote Originally Posted by Old Jimma View Post
    This is what I think the command should look like:
    Just no, no, no. Messing with file permissions and file ownerships at your currently low level of knowledge is bound to destroy things. The safest approach for you would be to install "openssh-server" on the server, and the package "rsync" on both client and server, and then push your backup onto the server.

    Code:
    rsync -avz --progress /path/you/want/to/backup serveraccount@serveraddres:/path/where/the/backup/should/go/
    Taddaaa. No need to mess with permissions or anything!!

  4. #4
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    750
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    Hi scorp123:

    Thanks for your reply and what would seem to be the exact solution to almost what I want to do, maybe not quite.

    I'm not going to use rsync. Maybe later but not for starters.

    But thanks for your reply. It gives me something to think about.


    Take care!
    Old Jimma from the Old Country

  5. #5
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    750
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    HI mi9104:

    Thanks for your reply.

    I'm accustomed to using chmod commands that are more like what you wrote.

    I wondered about your command. Doesn't it give rx privileges to ALL OTHERS?? (cap letters added only to try to communicate clearly, and not irritate you. Sorry if they did. Hope you see my point.)

    What I want is to issue privileges only to one very specific other: serverusername@serveripaddress

    Thanks,
    Old

  6. #6
    Join Date
    May 2006
    Location
    Switzerland
    Beans
    2,904
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    Quote Originally Posted by Old Jimma View Post
    What I want is to issue privileges only to one very specific other: serverusername@serveripaddress
    That command does NOT WORK LIKE THAT.

    You really need rsync.

    The core of the problem is that you are conflating local file permissions, local file ownership, local file access control lists with network protocols, e.g. topics that do not really have anything to do with each other. You'd have to implement some kind of central directory service (e.g. LDAP or Active Directory) and some kind of file sharing / network protocol (e.g. SMB or NFS) that is governed by that central directory to make all these things work in tandem, hand in hand. Long story short: Way too complicated. Takes months to aquire the needed skills and know-how for each of these, and then takes days and several attempts to get it implemented in a way that would work.

    Just use "rsync" and push the backup from client to computer. Takes like 5 minutes to implement this and it's not complicated at all.
    Last edited by scorp123; July 28th, 2021 at 02:44 AM.

  7. #7
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    750
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    Thank you for your thoughtful reply, scorp123.

    I've read authoritative web sites that have indicated that a secure server must have been granted permission. to have access to a client. This tread is about following up on that assertion to learn more.

    Sorry this post has frustrated you. Ok if you want to give up.

    I hope others will offer advice.

    Take care,

    Old

  8. #8
    Join Date
    May 2006
    Location
    Switzerland
    Beans
    2,904
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    Quote Originally Posted by Old Jimma View Post
    I've read authoritative web sites that have indicated that a secure server must have been granted permission. to have access to a client.
    First of all: Which web sites exactly? Not all web sites that claim to be "authoritative" are really deserving of such a title.

    Second: It really depends on what exactly they were talking about. Were they talking about a Windows environment with an Active Directory infrastructure, where every server computer and also client computer also has an Active Directory account, and thus giving one machine read access over the files of another machine actually does work?

    Linux is not Windows and such things don't work like that here. Not without some massive tweaking and installing lots of extra services and extra packages, e.g. LDAP, NFS, and the like.

    What does work and is straightforward is SSH (and by extension: "rsync" via SSH), e.g. you can exchange SSH keys between systems and then "User A" on Client A could login as "Admin B" on Server B. Or vice versa, whichever way you want the communication to take place. That's easy to implement, but does not involve any manipulations of any local file permissions. Since both sides (e.g. "User A" on Client A, "Admin B" on Server B ...) work with the files they already have permissions to there's no need to "grant the other system permissions" or manipulate any local files to get this to work.

    And for the record: I'm not "frustrated", I'm trying to prevent you from hosing your own system with commands that might have potentially unwanted side-effects and not do what you think they do.

  9. #9
    Join Date
    May 2010
    Beans
    1,631

    Re: chmod to give a remote server read priveleges to a client home directory

    Well obviously a server needs to grant access to the client for it to work. Isn't that what all this chmod nonsense is about.
    I'd give a +1 to the rsync option. Swap SSH keys and you are set. The transmission of data will also be secured.
    If you setup a central authentication system like LDAP then you can use a single account instead and apply permissions based on those accounts. You don't have this (as far as I can tell) so you will need to work with local authentication systems. You can't just use another system's username in a chmod command on a remote system. Authentication doesn't work like that.
    The accounts on a system are held in /etc/passwd and do not store any accounts for any other system than itself.

  10. #10
    Join Date
    Mar 2006
    Location
    Slipery Slope, Earth
    Beans
    750
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: chmod to give a remote server read priveleges to a client home directory

    Hi AcitonParsnip:

    Thanks for your reply. I appreciate it.

    I realized that I omitted what may be a few key pieces of information:

    Both the client and server are my machines. On the client, I want to grant priveleges to the server to read files.

    Learning how to do that is the only objective of my post. Thank you for your comment on rsync. However, at this point of my project
    • I'm interested in understanding the security issues, only.



    To achieve further understanding about the security issues I wondered more about a recommendation make previously
    to use the code rsync -avz --progress /path/you/want/to/backup serveraccount@serveraddres:/path/where/the/backup/should/go/ and not be concerned about permissions

    My specific question is: once a person A knows the home directory name and IP address of another persons (B) computer, what's to stop person A from hacking person B using, for example, the code listed above?

    I'll look foward to understaning your reply, ActionParsnip!

    Thanks,
    Old

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •