Subject: | |
From: | |
Reply To: | |
Date: | Mon, 7 Jan 2008 16:36:25 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Mon, Jan 07, 2008 at 16:21, Daniel Widyono wrote:
> I liked the simplicity and robustness of Ken's answer: use unix groups.
>
> > We would like to create accounts for restricted users
>
> To be sure we understand the requirements, what precisely do you mean by
> "restricted users"? Do you *only* mean the following?
>
> > These users would have access to the filesystem
> > as appropriate, but would not be allowed to run the applications living
> > under /opt and /usr/local.
That's pretty much it.
> If you only mean the above, then in the context of "primarily for data
> sharing purposes", what precisely do you mean by "access to the filesystem as
> appropriate"?
They would have access to their own home directories and to special
group directories set up explicitly for file sharing among members of a
(unix) group.
They would be able to run standard binaries, but would be explicitly not
able to run the applications (mostly for statistical analysis) installed
under /usr/local (globally) and /opt (local to specific nodes).
Cheers,
Pann
--
Pann McCuaig <[log in to unmask]> 212-854-8689
Systems Coordinator, Economics Department, Columbia University
Department Computing Resources:
http://www.columbia.edu/cu/economics/computing/
|
|
|