LXDE under a new user

[Georgetoon]

I'm runnng KDE under my maon user name. I'm running LXDE under a iffrent account, just to keep things )strt menus, etc.) from conflicting.

I want access to the documents folder in account #1.  can I issue a chown command to take owner ship of a specific folder for both users?  i did this while in LXDE, and it rmoved access form the KDE uer.  so, I want both to have owndership.  I'm thinking it would be chown userone usertwo /directory.

[pags]

Check man chown or chown --help.  You're missing a colon ( : ).

Code: [Select]

chown userone:usertwo /home/directory

(obviously, "userone", "usertwo" and "directory" are placeholders, here).

[DeBaas]

Assign both users toe each others group and check Read/Write options.
Manage Users in PCC > System

[Georgetoon]

Thanks, guys. I think I'm getting to the point (slowly, though) where I understand the Konsole commands more than the GUI.

But, nice to know I have both available.  Because, if I keep messing up the command, I can always go to PCC>system.  Nice!

[pags]

Actually, DeBass' approach is the better one...

I quick check reveals a number of CLI commands that appear relevant to this, as well:

groupmems
lgroupmod


You could also edit the /etc/group file directly...

Manage Users in PCC would have more sanity checks, though, making it the safest approach.

If you're interested in more command, try this:

Code: [Select]

apropos group | grep -i user


[Georgetoon]

Actually, DeBass' approach is the better one...

I quick check reveals a number of CLI commands that appear relevant to this, as well:

groupmems
lgroupmod


You could also edit the /etc/group file directly...

Manage Users in PCC would have more sanity checks, though, making it the safest approach.

If you're interested in more command, try this:

Code: [Select]

apropos group | grep -i user


I'll certainly check DeBaas' approach.  But it gets a bit confusing checking from which account to which account.  I guess only because I don't fully understand the process. 

I'm the only user on the system, so I'm not sure how safety enters into the equation.

[pags]

Actually, DeBass' approach is the better one...

I quick check reveals a number of CLI commands that appear relevant to this, as well:

groupmems
lgroupmod


You could also edit the /etc/group file directly...

Manage Users in PCC would have more sanity checks, though, making it the safest approach.

If you're interested in more command, try this:

Code: [Select]

apropos group | grep -i user


I'll certainly check DeBaas' approach.  But it gets a bit confusing checking from which account to which account.  I guess only because I don't fully understand the process. 

I'm the only user on the system, so I'm not sure how safety enters into the equation.

Yes, but if you add each user to the other user's primary group, you'll only need to do that once, and you won't have to worry about future file permissions (or, changing the default mask to accommodate it, going forward)...

[Georgetoon]

Actually, DeBass' approach is the better one...

I quick check reveals a number of CLI commands that appear relevant to this, as well:

groupmems
lgroupmod


You could also edit the /etc/group file directly...

Manage Users in PCC would have more sanity checks, though, making it the safest approach.

If you're interested in more command, try this:

Code: [Select]

apropos group | grep -i user


I'll certainly check DeBaas' approach.  But it gets a bit confusing checking from which account to which account.  I guess only because I don't fully understand the process. 

I'm the only user on the system, so I'm not sure how safety enters into the equation.

Yes, but if you add each user to the other user's primary group, you'll only need to do that once, and you won't have to worry about future file permissions (or, changing the default mask to accommodate it, going forward)...

Okay, see here's where I'm confused.  Let's call the user DAN. Let's cal the second user JON.  Now, in user settings, I edit DAN and add the group JON.  ka, what has just happened? Does DAN now have access to JON?  Or does JON now have access to DAN?

I just tried this and it's not working.

[pags]

Don't edit the user...edit the group.

Each user has one primary group..., but can be members of many other groups.

So, in your example, go to the "Groups" tab, pick the "JON" group, go the the "Group Users" tab and select "DAN" (in addition to "JON", already selected).

[kjpetrie]

A file can only be owned by one user and grouped to one group. chown changes the user but can't add users. Optionally you can use chown to set the group for the file by adding a colon after the user and putting the group there. That's not what you want to do.

Putting both users in the same group is the approach you need, combined with suitable permissions. Ideally, this shouldn't be in a user's /home/user/ directory since that is supposed to be private to the user (700 permission) and other users shouldn't be able to access anything beneath it. You should really create a shared directory (say /home/shared/) for this and set its permissions to 770 to allow its owner and group members to write to it. This shared directory can be owned by one of the users but the group depends on how you want to share access.

The next thing is to decide whether you want the second user to have access only to the files in the shared directory or potentially anything grouped to the first user. If the latter you can simply add the first user to the second user's primary group. Each user will need a umask of 002, 006 or 007 to ensure files are stored by default with permissions that will allow full group access. Directories need to have 774, 771 or 770 permissions and files 664 or 660 permissions which these umasks will achieve.

If you want more limited access you can create a special group for the sharing (say "sharegrp") and add both users to it. In that case you would need to change the group ownership of each file on creation to sharegrp. However, that's probably more cumbersome than you need.

You probably only want to do this one way round since both users will have full access if they are members of the group and either not the owner or the owner has access also. However, if both users will create files you might want to do a reciprocal membership to ensure the file is accessible to both whichever created it.

I'm not sure it matters which interface you use, but the user is always added to the group, so if you add user DAN to group JON, DAN will be able to access anything the JON group has permission to access unless he is the owner and the owner is forbidden (which is very unlikely).

So if file x has owner:group of JON:JON and permissions of 660 (-rw-rw----) DAN and JON could both read and modify it (JON as owner and DAN as group member). If it had 640 permission both could read it but only JON could modify it and if it had 460 permission both could read but only DAN could modify it (but it is very rare to give the owner less permission than the group). On the other hand, if the file were owned:grouped by someuser:JON, both JON and DAN would access it according to the group permissions of the file.

Hope that's clear.

[Georgetoon]

Don't edit the user...edit the group.

Each user has one primary group..., but can be members of many other groups.

So, in your example, go to the "Groups" tab, pick the "JON" group, go the the "Group Users" tab and select "DAN" (in addition to "JON", already selected).

Did all this.  Did not work.  Reboot or log off?

[pags]

Don't edit the user...edit the group.

Each user has one primary group..., but can be members of many other groups.

So, in your example, go to the "Groups" tab, pick the "JON" group, go the the "Group Users" tab and select "DAN" (in addition to "JON", already selected).

Did all this.  Did not work.  Reboot or log off?

Have you read through kjpetrie's post?  Do you know the file permissions for each user's ~?

The group rights need to be permissive enough to allow this to work...

[Georgetoon]

Don't edit the user...edit the group.

Each user has one primary group..., but can be members of many other groups.

So, in your example, go to the "Groups" tab, pick the "JON" group, go the the "Group Users" tab and select "DAN" (in addition to "JON", already selected).

Did all this.  Did not work.  Reboot or log off?

Have you read through kjpetrie's post?  Do you know the file permissions for each user's ~?

The group rights need to be permissive enough to allow this to work...

Yes. My head is swimming a bit.  I understand the concept, just trying to figure the mechanics.

[Georgetoon]

Okay, I've gone into PCC and I've selected the users and added each other to their groups and this gives me no access to their folders/directories.  I know I'm missing something.

I don't want to have a common shared directory. I want to work in KDE and save all my documents in my documents folder.  I'm also running LXDE, but don't want to copy the entire documents directory over to a new user account.

Okay, whey two users?  it was recommended up here tht this might be a good thing to do, especially if you tweak either DE.  i can easily just run LXDE and KDE under the same user account, but again, configuring might mess things up.

so, two user accounts. KDE is my main DE so, I simply want to access access the documents folder on each user account so I an edit to my cartoon work from either account without having to copy things from one user documents folder to another.

I think the solution is simply chown userone:usertwo /directory.

[kjpetrie]

Not really. chown userone:usertwo /directory would make the directory owned by userone but in usertwo's primary group. This would enable userone to access it as owner and usertwo (and anyone else in group usertwo) to access as group. You would still have to ensure the usertwo group had at least enter permission for the directory and every directory above, and probably read and write permissions for the directory as well. If the directories above are not grouped to usertwo they would need their world (others) permissions set. Enter permission (--x or 1) means you can access the directory's contents. Read permission (r-- or 4) means you can list its contents and write permission (-w- or 2) means you can create or delete files.

Your problem is most likely a 700 (drwx------) permission in a directory above. This prevents group and others accessing any directory below and is the default (and only strictly safe) permission for a user's home directory. That's why you should put the shared directory outside a user's home.

Whilst, for maximum protection against interaction, it might be wise to use LXDE and KDE as separate users, they do store their configuration in different places, apart from non-specific things you would probably want the same in both environments so, unless you want your LXDE set up differently from your KDE at a user rather than desktop level, there should be no harm in accessing them from the same user. I have both on my system and I use KDE for local access and LXDE for remote access as the same user. That's because KDE reacts badly if it's opened at a different screen resolution from usual and my laptop has a smaller screen than my desktop, so I use LXDE instead for remote access so KDE is not disturbed. That's my reason for using both desktops. What's yours? If we knew that we could probably hazard a guess as to whether you really need different users.