Subject: Re: Setting user permissions for lab courses
To: Roby Sadeli <netcitizen01@yahoo.com>
From: Bruce Anderson <brucea@spacestar.net>
List: netbsd-help
Date: 08/18/2001 07:15:31
I should add that there is another side effect to using chflags(1)
on a user's home directory:

Files and directories directly below are append only and can not
be deleted or renamed.
   
To avoid a buildup of unwanted files and folders you may need to:
  a) Include a README file explaining the behavior.
  b) Set $HOME to a directory below username as default.
    ex. .profile HOME=/home/brucea/comc1867
                 HOME=/home/brucea/brucea
    Better ideas, anyone? Time for a chroot jail?

BA-


On Tue, Aug 14, 2001 5:36 AM, Bruce Anderson <mailto:brucea@spacestar.net>
wrote:
On Sun, Aug 12, 2001 8:10 AM, Roby Sadeli <mailto:netcitizen01@yahoo.com>
wrote:
>G'day folks,
>
>i'd like to ask for suggestions for my problem here :
>i have a netbsd 1.5 which is used for lab courses.
>there are several lab courses, for example:
>1.      algorithms
>2.      database_programming
>
>and i've got students in my server as follows :
>username        group           courses taken
>rot             student         algorithms
>dummy           student         database_programming
>brainy          student         algorithms, database_programming
>guru            teacher
>
>i want all students *not to share* their works with one
>another and make
>sure the teachers
>can access the students' work in their home directory.
>
>i come up with a solution like this :
>* change students' directory permission to 750

YES.

>* change owner of students' directories to teacher
>(freebsd keeps telling me that the owner of the
>directory doesn't belong to the owner)

This should be:

Student is OWNER of home DIR.
Student must not be a member of GROUP teacher.
Place all students in GROUP users only.
Add all instructors to GROUP teacher.



>* blocking chmod (but sometimes the students use this)
>
>i'm sure better solutions exist.
>
>thanks in advance,
>roby
>



You can stop chmod(1) by using chflags(1) to lock the
student's home DIR.

Use the "sappnd"  (system append-only flag (super-user only)).

Note that after using chflags(1), changing|removing|moving
a student's DIR will require kern.securelevel < 1 in order
for chflags(1) to unset the system flag.
You need to build your kernel with:
 options INSECURE
See init(8) for why.


PS.
Don't forget to write this up in a man page as part of your
local useradd(8) modifications.


Read chflags(1) init(8) options(4) ls(1)

CHFLAGS(1)

   Flags are a comma separated list of keywords.  The following
      keywords are currently defined:

      arch    set the archived flag (super-user only)
      opaque  set the opaque flag (owner or super-user only)
      nodump  set the nodump flag (owner or super-user only)
--->> sappnd  set the system append-only flag (super-user only)
      schg    set the system immutable flag (super-user only)
      uappnd  set the user append-only flag (owner or super-user only)
      uchg    set the user immutable flag (owner or super-user only)

     Putting the letters ``no'' before an option causes the flag to be
     turned off.

INIT(8)

     0  Insecure mode - immutable and append-only flags may be changed.
        All devices may be read or written subject to their permissions.

     1  Secure mode - system immutable and system append-only flags may
        not be turned off; disks for mounted filesystems, /dev/mem, and
        /dev/kmem are read-only.


OPTIONS(4)

  options INSECURE
  Hardwires the kernel security level at -1.  This means that the system
  always runs in secure level 0 mode, even when running multiuser. See the
  manual page for init(8) for details on the implications of this.  The
  kernel secure level may [be] manipulated by the superuser by altering the
  kern.securelevel sysctl(3) variable (the secure level may only be lowered
  by a call from process ID 1, i.e.  init(8)).  See also sysctl(8) and
  sysctl(3).


LS(1)

     -o   Include the file flags in a long (-l) output.  If no file flags
          are set, ``-'' is displayed.  (See chflags(1) for a list of
          possible flags and their meanings.)
---

   The Long Format
     If the -l option is given, the following information is displayed
     for each file:
           file mode
           number of links
           owner name
           group name
           file flags (if -o given)
           number of bytes in the file
           abbreviated month file was last modified
           day-of-month file was last modified
           hour and minute file was last modified
           pathname




Ex.

root@cougar# mkdir -m 750 bruce
root@cougar# chown bruce:users2 bruce
root@cougar# chflags sappnd bruce

root@cougar# ls -lo
total 1
drwxr-x---  2 bruce  users2  sappnd 512 Aug 14 03:39 bruce


root@cougar# grep bruce /etc/group
wheel:*:0:root,bruce
users2:*:1001:brucea

root@cougar# su bruce
bruce@cougar$ pwd
/tmp
bruce@cougar$ mkdir bruce/home_work
bruce@cougar$ touch bruce/home_work/assn_1.c    
bruce@cougar$ cat /var/log/messages >bruce/home_work/assn_1.c
bruce@cougar$ chmod 777 bruce
chmod: bruce: Operation not permitted

OK.

brucea@cougar$ cd /tmp
brucea@cougar$ ls -loRF bruce
total 1
drwxr-xr-x  2 bruce  users2  - 512 Aug 14 03:50 home_work/

bruce/home_work:
total 3
-rw-r--r--  1 bruce  users2  - 2504 Aug 14 03:51 assn_1.c

brucea@cougar$ tail -n 1 bruce/home_work/assn_1.c
Aug 14 03:49:13 cougar named[105]: XSTATS

OK.

Change /etc/group:
root@cougar# grep bruce /etc/group
wheel:*:0:root,bruce

brucea logs out and back in.

brucea@cougar$ cd /tmp
brucea@cougar$ ls -R bruce
ls: bruce: Permission denied
brucea@cougar$ tail -n 1 bruce/home_work/assn_1.c
tail: bruce/home_work/assn_1.c: Permission denied





" Stamp out root logins .  .  .  . su "   --Bruce Anderson  
 This message was created and sent using Cyberdog 2.0, MacOS 8.6,
 awk, find, sed, sendmail, sh, and NetBSD a free Multi-Platform OS.
 NetBSD runs on thirty-one  different system  architectures featuring
 twelve distinct families of CPUs.   http://www.netbsd.org/
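
An added example, not part of the original message: a small Python audit that checks `ls -lo` output and `/etc/group` text against the layout described in this thread (mode 750, `sappnd` set, owner not in the instructor group). The sample listing and group file are constructed, and treating the directory's group as the instructor group is an assumption drawn from the 750 mode.

```python
# Added example: sample data is constructed, not taken from a real system.
SAMPLE_LS = """\
total 3
drwxr-x---  2 rot     teacher  sappnd 512 Aug 14 03:39 rot
drwxr-xr-x  2 dummy   teacher  -      512 Aug 14 03:40 dummy
drwxr-x---  2 brainy  student  sappnd 512 Aug 14 03:41 brainy
"""
SAMPLE_GROUP = """\
student:*:1001:rot,dummy,brainy
teacher:*:1002:guru,brainy
"""

def parse_group(text):
    """Map group name -> set of members from /etc/group-format text."""
    groups = {}
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) == 4 and not line.startswith("#"):
            groups[parts[0]] = {m for m in parts[3].split(",") if m}
    return groups

def audit(ls_lo_text, group_text, teacher_group="teacher"):
    """Return (directory, problem) pairs for each policy violation."""
    teachers = parse_group(group_text).get(teacher_group, set())
    findings = []
    for line in ls_lo_text.splitlines():
        # ls -lo fields: mode links owner group flags size month day time name
        f = line.split(None, 9)
        if len(f) < 10 or not f[0].startswith("d"):
            continue  # skips the "total N" line and non-directories
        mode, owner, group, flags, name = f[0], f[2], f[3], f[4], f[9]
        if mode[:10] != "drwxr-x---":
            findings.append((name, "mode %s, expected drwxr-x---" % mode))
        if "sappnd" not in flags.split(","):
            findings.append((name, "sappnd not set, owner can chmod the directory"))
        if group != teacher_group:  # assumption: instructors reach it via group bits
            findings.append((name, "group %s, expected %s" % (group, teacher_group)))
        if owner in teachers:
            findings.append((name, "owner is a member of %s" % teacher_group))
    return findings

if __name__ == "__main__":
    for name, problem in audit(SAMPLE_LS, SAMPLE_GROUP):
        print("%s: %s" % (name, problem))
```

On a live system the first argument would be the output of `ls -lo /home` and the second the contents of `/etc/group`.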