Thanks for all the speedy responses. The two that seem the most
workable for our situation are:
>From Jeff Borah - SUNY Farmingdale
You should be able to do this with acl's (access control list).
You can man acl for more information or you can just do;
setacl -u user:teacher:rwx user_directory
teacher = teacher's username .
user_dir = the directory you want the teacher to have access to.
You can then use getacl to see the acl of that directory.
and from Oscar Knight at Appalachian State University:
We are running 4.0b with C2. We are currently doing what you wish.
However, I'm not sure you could implement this "quickly".
Here's how we do it.
1) there is a group, csf whose members are the faculty.
2) the students have a directory in there home directory for each
class.
3) The following is an example of how the students home dir and
class
dirs are setup.
Student id: jd956
Home dir: /u/css/jd956
ls -ld /u/css/jd956
drwxrwx--- 6 jd956 csf 8192 Dec 11 09:29 jd956/
ls -la /u/css/jd956
drwxrwx--- 6 jd956 csf 8192 Dec 11 09:29 ./
drwxr-xr-x 644 root system 16384 Jan 26 12:37 ../
-rw------- 1 jd956 csf 654 Oct 10 20:41 .Xauthority
-rw-r--r-- 1 jd956 csf 1074 Oct 20 16:50 .cshrc
drwx------ 2 jd956 904 8192 Jan 23 1998 .elm/
-rw-r----- 1 jd956 csf 1987 Oct 10 20:55 .emacs
-rw-rw---- 1 odk csf 3 Aug 23 15:44 .forward
-rw-r--r-- 1 jd956 csf 418 Oct 12 17:32 .login
drwxrwxrwx 2 sadmin csf 8192 Oct 19 16:58 3481
drwxrwxrwx 2 sadmin csf 8192 Oct 19 16:58 4667
drwx------ 2 jd956 904 8192 Dec 7 10:23 Mail/
-rw-rw---- 1 jd956 csf 11 Oct 8 11:50 dead.letter
drwxrwx--- 2 jd956 csf 8192 Oct 19 16:58 tmp/
The class directories are 3481 and 4667. As you can see the
permissions
and ownership on the class directories are rather different. The
owner is sadmin, a "Student Admin" an account that's disabled. The
group is the "faculty group". The permissions are 777 which allows
the student to use the directory. Also, we make the initial group for
the students the same as their uid number, hence the 904 group. Note
that their mail is still private.
That's about it. However, there are "SIDE AFFECTS". The HOME DIR
must have permissions 770!!! To make it more open would alow others
access to the class dirs. This means NO home dir based web pages. And
'finger jd956' does not return the .plan and .project files. However,
'finger jd956_at_host' will include the .plan and .project files. Also,
since ALL the faculty are in the csf group then ANY faculty can seen
ANY student's class directories. So, you must TRUST ALL of your
faculty.
I suggest that if you do something like this you spend lots of time
thinking about it. I'm sure I'm forgetting some of the "side
affects".
I am considering making some changes. I'm thinking of making the
class
dirs seperate from the home dirs. This will remove the permission
restriction on the home directories. The class dirs will be in
another part of the tree. The students will have to 'cd' there to do
their class work.
Keith C. Barth
Network Administrator
Information and Technology Services
Aquinas College
1607 Robinson Road, SE
Grand Rapids, MI 49506
mailto:barthkei_at_aquinas.edu
Received on Thu Jan 28 1999 - 20:40:48 NZDT