Correct Permissions for User Read Only Access to Files

Hello –

I’d like to load a few content files as an administrator on my machine, which all other users on my machine can then have read only access to. Is there a directory I should use that will show up for all other users? How would I set permissions such that users preferably cannot delete the files at all (avoid accidents) or cannot delete them for other users?

Thanks,
Jeremy

1 Like

@worldpossible We don’t have such a directory set up by default. Be careful not to be tricked by the /home/shared directory, which is for the special “Shared” account that we include by default.

Setting up a directory with the appropriate permissions is pretty straightforward. For example, wherever you create the directory, just chmod 755 <folder or file name> to give read/execute permissions to all users, but not write permission. I would keep this out of your account’s home directory, since we will be working to make that directory not world-readable (as discussed on the other topic).

The trick is where to create such a folder. We mount the root of the OS without write access, so you cannot create arbitrary directories under /. I think an appropriate location for this is probably under /usr/local/share (/usr/local is a symlink to /var/local, which is not owned/protected by OSTree).

And, if you want such files to be easily seen by users in their home directories, you can probably accomplish that by modifying the contents of /etc/skel (which is used when setting up a new user’s home directory) to create symlinks to the desired content.

This is another example of something that our Solutions team could help set up if we were to build a custom image for your project.

Roddy

1 Like