[K12OSN] home directory permissions

[David L. Willson]

On Thu, 10 Jul 2008 12:43:19 -0400, John Lucas wrote
> > Ernie Hudson wrote:
> >>
> >> Does anyone have an easy way to change the permissions on the home 
> >> directories so that only the owner has access to it. We have some very 
> >> bright students and they have found out that they can copy work from 
> >> someone else and have more free time. I am using the 5EL and have 
> >> single sign on using likewise open from my windows server using active 
> >> directory. I know I can change them one at a time using [UTF-8?]�chmod 700 
> >> [UTF-8?]filename�. I am not adept at writing scripts and hoping someone can help.
> >>
> >>  
> >>
> > Do get the basics of shell-scripting down.  I'd recommend heading over 
> > to http://www.tldp.org and reading the Advanced BASH Scripting Guide.  
> > That's how I learned how to do it.  Extremely handy skill and very 
> > necessary, just as important as writing .BAT or .REG files on Windows.
> > 
> > Now to your specific question.  That's pretty easy to do.  All you 
> > really have to do is change the top level directory permissions under 
> > /home, i. e. no recursion needed.  I'd do it like this, in a basic FOR loop:
> > 
> > #!/bin/bash
> > cd /home
> > for dir in *
> > do
> >   chmod 700 $dir
> > done

No looping needed to just do the root of each home-folder unless there are a ~lot~ of
home-folders.

$ sudo chmod 700 /home/*
 -or-
# chmod 700 /home/*

> > If you want to recurse down and change everything in everyone's homedir 
> > to permissions 700, just add the "-R" switch after "chmod".

I wouldn't do that.  That will mark all the files user-executable.  A better command, if
you want do be recursive about it might be:

# chmod -R go-rwx /home/betty
 - or -
$ sudo chmod -R go-rwx /home/betty


That will turn off read, write, and execute for group and others, but not change
anything else, like 777 does.