# chmod/permissions assistance



## empty (Mar 1, 2011)

Hello,

I am trying to *chmod* users so they can't view other users' files. A simple [cmd=]chmod 710[/cmd] works fine, but then the user can't use their public_html. I have read chmod(1) but don't know 100% what to look for..

Any assistance would be appreciated!

/empty


----------



## SirDice (Mar 1, 2011)

Make sure your users don't all share the same group. Normally you'd create a group with the same name as the user. This group is the user's primary group. Setting the directory to 750 means only the owner and members of that group can enter that directory. 

The public_html will need 755 because the www user your webserver runs on needs to access it.


----------



## empty (Mar 1, 2011)

Hello,

I think I fixed it,

`chmod 750 /home/test`
`chmod 755 /home/test/public_html`
`chown -R test:www /home/test`

What do you think of this solution?

/empty


----------



## SirDice (Mar 1, 2011)

The last chown pretty much overrules the other two commands.

This will reset it back to 'normal'

```
chown -R test:test /home/test
find /home/test -type f -exec chmod 640 {} \;
find /home/test -type d -exec chmod 750 {} \;
```

To allow access to public_html:

```
chmod 755 /home/test/public_html
chmod 644 /home/test/public_html/*
```

Just give the "other" group read access.


----------



## gordon@ (Mar 2, 2011)

SirDice said:
			
		

> The last chown pretty much overrules the other two commands.
> 
> This will reset it back to 'normal'
> 
> ...



The web server runs as the www user and needs to be able to traverse the home directory, I would use permissions like:


```
drwx--x--x test test /home/test
drwxr-xr-x test test /home/test/public_html
```

Or just move the public_html directory outside of the users' home directory entirely.


----------

