4.5 Creating a Home Directory for the linux* Users

The NetStorage exercises in this guide involve users’ home directories and specific files they will copy to those directories. However, neither of the linux* users currently has a home directory.

There are two standard ways to create home directories on Linux servers. The first way is for a user to log in to the server as a local user (or for OES 2, as a LUM-enabled user). For example, opening an SSH session creates a home directory.

Because it is unlikely that you want your users to have direct physical access to a production server, we will use the second way, which is to create the directory manually, assign the user and group to the directory, and then modify access permissions.

There are two methods you can use to do this.

4.5.1 Using the File Browser

To create home directories for your linux* users using the graphical interface, do the following:

  1. As the root user, open a terminal prompt and enter the following command:

    namconfig cache_refresh

    This refreshes the LUM cache and is required for Linux-enabled users and groups to display in the GUI unless a few hours have elapsed since you created them. The default cache refresh rate in SP3 is 8 hours.

  2. As the root user on the server’s desktop, click Computer > Home Folder.

  3. In the left panel, double-click File System, then double-click the home folder.

  4. If you see home directories for only the ncp_* users that were created in iManager on the HOME_NCP volume, continue with Step 5.

    If you see a home directory for one of the linux* users, that means you used it to experiment with SSH access in Step 7, thus creating a home directory for the user. In that case, adjust the steps that follow as required.

  5. Right-click the white space in the right panel and select Create Folder.

  6. Type linux1_lum-edir as the folder name, then right-click the folder and select Properties.

  7. Click the Permissions tab.

  8. Click the File Owner drop-down list, then use the Up-arrow and Down-arrow keys to navigate to and select the linux1_lum-edir user.

    Notice that the users that you created who are not enabled for LUM are not listed.

  9. Click the File Group drop-down list, navigate to and select LUMUsers, then press Enter.

    Neither this group nor the user you selected exists locally. However, because they are LUM-enabled, the server recognizes them as though they do.

    The next three lines (Owner, Group, Others) indicate access permissions for the directory owner (linux1_lum-edir), the assigned group (LUMUsers), and everyone else (others).

    Notice that both Group and Others have permission to Read (open) the contents of the folder and Execute (browse its contents). This is not what NetWare® administrators and users expect because home directories are private on NetWare servers.

  10. Make this directory private by deselecting all of the access permissions for Group and Others.

    For more information about directory privacy and aligning access on Linux servers to match what NetWare administrators are accustomed to, see Aligning NCP and POSIX File Access Rights in the OES 2 SP3: Planning and Implementation Guide.

  11. Click Close.

  12. Right-click the white space in the right panel and select Create Folder.

  13. Type linux2_lum-edir as the folder name, then right-click the folder and select Properties.

  14. Click the Permissions tab.

  15. Change the file owner to linux2_lum-edir and the file group to LUMUsers by using the drop-down lists.

  16. Adjust the permissions for this directory by enabling the Write right for the group. This gives full rights to the user’s home directory for anyone in the LUMUsers group, which is obviously not something you would normally do.

    Later in the guide we will use this to contrast default POSIX file permissions with the Novell File and Directory Security Model.

  17. Click Close.

  18. Continue with Novell CIFS on OES 2.

4.5.2 Using Terminal Commands

Creating home directories for the linux* users, assigning ownership of the directories, and granting access permissions involves three terminal commands.

Do the following:

  1. As the root user, open a terminal prompt by clicking Computer > Gnome Terminal.

  2. Create a home directory for the linux1_lum-edir user by entering the following command:

    mkdir /home/linux1_lum-edir

  3. Assign the linux1_lum-edir user and the LUMUsers group as the owners of the linux1_lum-edir directory.

    chown -R linux1_lum-edir:LUMUsers /home/linux1_lum-edir

    Neither this group nor the user you specified exists locally. However, because they are LUM-enabled, the server recognizes them as though they do.

    By default, both the LUMUsers group and other users on the system have permission to Read (open) the contents of the folder and Execute (browse its contents). This is not what NetWare® administrators and users expect because home directories are private on NetWare servers.

  4. Assign all access privileges to the user owner of the linux1_lum-edir directory, and no privileges to the group owner or to other users on the system.

    chmod 700 /home/linux1_lum-edir

  5. Now create a home directory for the linux2_lum-edir user.

    mkdir /home/linux2_lum-edir

  6. Assign the linux2_lum-edir user and the LUMUsers group as the owners of the linux2_lum-edir directory.

    chown -R linux2_lum-edir:LUMUsers /home/linux2_lum-edir

  7. Adjust the permissions for this directory by enabling the Read, Write and Execute rights for the group. This gives full rights to the user’s home directory for anyone in the LUMUsers group, which is obviously not something you would normally do.

    chmod 775 /home/linux2_lum-edir

    By default, the permissions are set to 755. This command adds the Write right for the group. For more information, see Aligning NCP and POSIX File Access Rights in the OES 2 SP3: Planning and Implementation Guide.

    Later in the guide we will use this to contrast default POSIX file permissions with the Novell File and Directory Security Model.
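
To confirm which home directories are actually private after running the commands above, the following script classifies each directory by its group and other permission bits. It is an added example, not part of the original guide; the function names classify_home and audit_homes are hypothetical, GNU coreutils stat is assumed, and the demo builds a constructed tree in a temporary directory rather than touching /home.

```shell
#!/bin/sh
# Classify a directory by the group/other bits of its POSIX mode.
# Assumes GNU coreutils stat, as found on Linux servers.
classify_home() {
    dir=$1
    mode=$(stat -c '%a' "$dir") || return 2
    # Keep the low nine permission bits (drops setuid/setgid/sticky).
    perm=$(( 0$mode & 0777 ))
    group=$(( (perm >> 3) & 7 ))
    other=$(( perm & 7 ))
    if [ "$group" -eq 0 ] && [ "$other" -eq 0 ]; then
        echo private                 # e.g. 700, the NetWare-style expectation
    elif [ $(( (group | other) & 2 )) -ne 0 ]; then
        echo writable-by-others      # e.g. 775, group can modify contents
    else
        echo readable-by-others      # e.g. 755, the default described above
    fi
}

# Print "verdict mode path" for every non-private directory under a base.
audit_homes() {
    base=$1
    for d in "$base"/*/; do
        [ -d "$d" ] || continue
        d=${d%/}
        verdict=$(classify_home "$d") || continue
        [ "$verdict" = private ] && continue
        printf '%s %s %s\n' "$verdict" "$(stat -c '%a' "$d")" "$d"
    done
}

# Constructed demo mirroring the two directories created in this section.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/linux1_lum-edir" "$tmp/linux2_lum-edir"
    chmod 700 "$tmp/linux1_lum-edir"
    chmod 775 "$tmp/linux2_lum-edir"
    audit_homes "$tmp"               # reports only linux2_lum-edir
    rm -rf "$tmp"
}
demo
```

On a real server, run audit_homes /home as root; any line it prints is a home directory that members of the owning group or other local users can read or modify.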