Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Hiding file system

  1. #1
    Join Date
    Oct 2012
    Location
    India
    Posts
    332

    Default Hiding file system

    Hi guys,

    I am using openSUSE 12.3 with xfce desktop and thunar file manager.Now I want to hide all directories under root directory.Actually I thought of removing the file manager but I need to view the pen drives in GUI mode.Is there a way to hide those files.


    thanks in advance.

  2. #2
    Join Date
    Aug 2008
    Location
    Seattle, WA
    Posts
    1,376

    Default Re: Hiding file system

    Quote Originally Posted by nishanth9042 View Post
    I am using openSUSE 12.3 with xfce desktop and thunar file manager.Now I want to hide all directories under root directory.Actually I thought of removing the file manager but I need to view the pen drives in GUI mode.Is there a way to hide those files.
    By "root directory", do you mean the starting point of the directory tree, or the home directory of the root account (/root)? Access to the latter is restricted to root, and it shouldn't be necessary to hide it.

    Hiding everything under '/' probably isn't possible, and not practical, as users' home directories are there. Maybe if you give some details on what your situation is, people will have other ideas to accomplish this.

  3. #3
    Join Date
    Oct 2012
    Location
    India
    Posts
    332

    Default Re: Hiding file system

    Actually I mean the users should not be able to see the directories under root in GUI mode and in other words I need a KIOSK mode.

  4. #4
    Join Date
    Aug 2008
    Location
    Seattle, WA
    Posts
    1,376

    Default Re: Hiding file system

    Quote Originally Posted by nishanth9042 View Post
    Actually I mean the users should not be able to see the directories under root in GUI mode and in other words I need a KIOSK mode.
    There's a kiosktool for KDE. I've never used it, but it might worth a look.

    software.opensuse.org:

  5. #5
    Join Date
    Oct 2012
    Location
    India
    Posts
    332

    Default Re: Hiding file system

    Yeah thanks for the reply but we have some 100 systems with XFCE desktop environment and we are not allowed to change to KDE

  6. #6
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Hiding file system

    On 2013-05-04 21:36, nishanth9042 wrote:
    >
    > Yeah thanks for the reply but we have some 100 systems with XFCE desktop
    > environment and we are not allowed to change to KDE


    Well, hiding directories not created by you is impossible, because in
    Linux hiding means changing the name, and applications needing those
    directories will not find them.

    For example, this is a 12.3 default root directory listing:

    Code:
    eleanor3:~ # ls /
    bin  boot  data  dev  etc  home  lib  lib64  lost+found  media  mnt  opt
    proc  root  run  sbin  selinux  srv  sys  tmp  usr  var
    eleanor3:~ #
    Of the above, the only one that can be hidden is "data", because I
    created it - and as it is a mount point, I have to edit fstab so that
    mounts work.


    If what you need is a kiosk, you will have to choose one that is
    available, and use it. If it needs changing to KDE, so be it.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)
    Last edited by hcvv; 05-May-2013 at 02:28. Reason: repaired CODE tag

  7. #7

    Default Re: Hiding file system

    Three options:

    One:
    Subdirectories can he "hidden" by removing the read permission from the parent, thus if you did:

    Code:
    chmod o-r /
    You would "hide" all contents of the root directory from all non-root users. However, users would still be able to navigate to subdirs if they knew the path, for example they could view /home/them, /var/lib/mysql, /etc ... in thunar if typed in. Of course, you could apply the same to /etc/, /var/, etc. While this security through obscurity approach might work, its obviously limited. Further, removing read permission from / may likely cause unexpected consequences. While most services (mysql, apache, etc) would not be affected (as the dirs they access are owned by them or root) you will may encounter issues. You could test it out easily enough.

    Hummm. . . I wonder if you used an ACL and prevented read access to / for all a group to which all users belonged?

    Code:
    setfacl -m g:users:x /
    Seems to work pretty well, and is more granular. You could experiment with applying this where needed to limit access.

    Two:
    While nautilus will parse a .hidden file if present to mask directories, thunar will not do so without being patched. I appears someone has been done this road before and created a patch to do this, see:

    xubuntu - How to hide (in Thunar and Nautilus) a directory without putting a dot in its name? - Ask Ubuntu

    And the patch at:
    https://bugzilla.xfce.org/show_bug.cgi?id=3189

    Three:
    There was once a kernel patch called LIDS which prevented user space access to system directories, among other things. However, that project has been dormant for a while now. Perhaps you could find something similar.

  8. #8
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Hiding file system

    On 2013-05-05 00:56, LewsTherinTelemon wrote:
    > *One:*
    > Subdirectories can he "hidden" by removing the read permission from the
    > parent, thus if you did:


    This breaks the system, as not all things run as root.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)

  9. #9
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,616
    Blog Entries
    3

    Default Re: Hiding file system

    I'm not sure if this would work. You would have to test it to see.

    1. Create a group "hidden";
    2. Use "chgrp" to put the directories that you want to hide in that group.
    3. Use "chmod g-r" on those directories to make them unreadable.
    4. Put "thunar" in group "hidden" and make it sgid.


    That should work, as long as thunar does not reset its sgid privilege.
    openSUSE Leap 15.1; KDE Plasma 5;
    testing Leap 15.2Alpha

  10. #10

    Default Re: Hiding file system

    Quote Originally Posted by robin_listas View Post
    On 2013-05-05 00:56, LewsTherinTelemon wrote:
    > *One:*
    > Subdirectories can he "hidden" by removing the read permission from the
    > parent, thus if you did:


    This breaks the system, as not all things run as root.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)
    I'd argue its not quite that clear cut that "this breaks the system as not all things run as root" - which of course I never said they did. A system service will a) run either as root, apache, mysqld, etc. b) will not require "other" read access referencing / (unless you can give an example where this is not true?) and d) any syscall to access or fopen() of a specific file would not be affected, only expelling the directory listing of the directory itself should be affected, not access to files therein. Still, I also noted the acl method as well which would be safer, more granular, and have zero effect on system services.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •