quarta-feira, janeiro 22, 2014

Applying default permissions for newly created files within a specific folder

How to set default file permissions for all folders/files in a directory?


Applying default permissions for newly created files within a specific folder


[Log in to get rid of this advertisement]
I've been trying to do this for a while, but I haven't found much info on this so I had to put the pieces together myself, so to speak. In essence, I want to change the umask for only one folder, which you can't really do with umask... This is the only way AFAIK to achieve this. Please let me know if there is a simpler way. 

Here is my objective:

I have a folder which I want to share with rw permissions for a selected group of users. Let's say the folder is /music and I want to share it with the group media. What we want is not only having users accessing files in /music with rw access, but also to ensure that all files created in /music will have ownership username:media and permissions -rw-rw-r-- .

To achieve this, we will use two tools:
1) GID
2) ACL (man acl)

GID
Lets assume the /music directory has the following permissions:
Code:
drwxrwxr-x root media
By setting the GID on the directory /music , files created within this directory will have the same group as the /music directory. For example, normally we would expect a newly created file to have the following ownership:
Code:
-rw-r--r--  1 matty users       0 2007-12-06 22:46 newfile
If we set the GID of /music :
Code:
chmod g+s /music
Now, newly created files in /music will have the following ownership:
Code:
-rw-r--r--  1 matty media       0 2007-12-06 22:46 newfile
We are one step closer but what we actually want is:
Code:
-rw-rw-r--  1 matty media       0 2007-12-06 22:46 newfile
so that other users in the group media will be able to modify/delete the file.

ACL

ACL is included in the default Slackware install (for Ubuntu sudo apt-get install acl should do the trick). To "activate" it, you simply have to remount the drive with the acl option.

My fstab looks something like this (modify yours appropriately - don't mess it up!):
Code:
/dev/hdb1        /music          ext3        defaults,acl     1   2
I have used ACL with reiserfs and ext3. I'm not sure how it works with others. Also, it seems that you don't have to specify acl in the options for xfs partitions.

Now remount the drive for it to take effect:
Code:
mount -o remount /music
We can now use ACL to create default permissions for for newly created files in /music
Code:
setfacl -d -m g::rwx /music
setfacl -d -m o::rx /music
Check the new permissions:
Code:
getfacl /music
The output should look something like this:
Code:
# file: /music
# owner: matty
# group: media
user::rwx
group::rwx
other::r-x
default:user::rwx
default:group::rwx
default:other::r-x
We're done. For those who prefer a GUI, you can execute the steps outlined above using Konqueror. Right click -> permissions -> advanced permissions. Mess around with those options at you leisure.

Now, when we create a new file in /music :
Code:
touch newfile
ls -l newfile
Gives us:
Code:
-rw-rw-r--+  1 matty media       0 2007-12-06 22:46 newfile
The plus sign is to indicate ACL attributes are in effect on the file.

Newly created folders in /music should have:
Code:
drwxrwsr-x+ 2 matty media 48 2007-12-06 23:15 newfolder/
Applying this idea to an already existing messy /music folder with subdirectories.

Before you do this as root in a valuable folder, its probably a good idea to practice as user in a not so valuable folder in your home directory to avoid potentially disastrous mistakes.  Before using chmod and chown with -R as root, think carefully...

Set GID as described above:
Code:
chown -R :media /music
chmod 775 music
chmod g+s /music
ls -ld music should give us
Code:
drwxrwsr-x   3 matty media
*** find a way to set the g+s on all subdirectories ***
This is pretty straight forward using konqueror. Select all the directories and right click, permissions, and advanced permissions.
From the command line: ???

We can apply acl recursively:
Code:
setfacl -R -d -m g::rwx -m o::rx /music
This creates the default rules for newly created files/dirs within the /music directory and subdirectories.

If the original files in there were created with a "standard" umask, most of them will have permissions similar to:
Code:
-rw-r--r--
drwx-r-xr-x
Assuming this is the case, we can fix this with
Code:
chmod -R g+w /music
That should do it. 
Your files in /music should now be group (media) writeable. New files will be created with group media and be group writeable as well.

Last edited by mattydee; 11-07-2009 at 03:37 PM.

segunda-feira, janeiro 13, 2014

Malware virus removal with AdwCleaner

Remove Topic Torch by WebCake virus (Removal Guide)

AdwCleaner removes lots of mallware


The AdwCleaner utility will scan your computer for Topic Torch by WebCake malicious files and registry keys, that may have been installed on your computer without your knowledge.
  1. You can download AdwCleaner utility from the below link.
    ADWCLEANER DOWNLOAD LINK (This link will automatically download AdwCleaner on your computer)
  2. Before starting AdwCleaner, close all open programs and internet browsers, thendouble-click on the AdwCleaner icon.
    [Image: AdwCleaner Icon]
    If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
  3. When the AdwCleaner program will open, click on the Search button as shown below.
    [Image: AdwCleaner scanning for Topic Torch by WebCake]
    The program will now start to search for Topic Torch by WebCake malicious files that may be installed on your computer. When it has finished it will display a notepad screen that contains a log file of all the WebCake extensions, files, and registry keys that have been detected. Unless you see a program name that you know should not be removed, please close the Notepad window and continue with the next step.
  4. To remove the Topic Torch by WebCake malicious files that were detected in the previous step, please click on the Delete button on the AdwCleaner screen.
    [Image: Adwcleaner removing Topic Torch by WebCake]
    AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button.

quarta-feira, janeiro 01, 2014

Desative o Modo Protegido no Excel - BABOO

Desative o Modo Protegido no Excel - BABOO

Desative o Modo Protegido no Excel

Por  | em 07/Maio/11 |
Os aplicativos do Office 2010 apresentam o Modo de Exibição Protegido para impedir que arquivos potencialmente perigosos acabem executando algum código malicioso na sua máquina.
O problema é quando o recurso atrapalha a produtividade – quando temos que usar muitos arquivos anexos de e-mail, por exemplo. Neste tutorial do BABOO,vamos aprender como desativar o Modo de Exibição Protegido no Excel 2010,e os procedimentos são análogos para outros aplicativos da suíte.
01. Veja um exemplo de documento barrado pelo Modo de Exibição Protegido. Basta clicar em Habilitar Edição para trabalhar no arquivo normalmente – mas pense como isso atrapalha o trabalho do dia-a-dia quando vários arquivos devem ser editados.
Modo Protegido no Excel
02a. Quando você tem um arquivo barrado aberto, o Menu Arquivo já dá a opção de configurar o Modo de Exibição Protegido, clicando em Configurações do Modo de Exibição Protegido. Outra forma de entrar nas configurações é clicando em Opções, na parte esquerda do menu.
Modo Protegido no Excel
02b. Na janela de Opções do Excel, clique em Central de Confiabilidade e no botão Configurações da Central de Confiabilidade.
Modo Protegido no Excel
03. Em Modo de Exibição Protegido, basta desmarcar as categorias de documentos que não mais serão barradas pelo recurso, como arquivos originados da internet e arquivos em locais potencialmente inseguros.
Modo Protegido no Excel
04. Já na Guia Locais Confiáveis você pode cadastrar pastas (Adicionar novo local…) cujo conteúdo sempre será considerado seguro. Assim você não precisa necessariamente desativar o Modo de Exibição Protegido.
Modo Protegido no Excel