Permissions question

I have a windows app that runs nicely under wine. What I need to do is give
access to multiple users to the same app. It’s an accounting app with it’s
own password and access controls so security is not a primary concern but
the nature of the app requires everyone to operate on the same dataset.
Being a windows app, it of course requires that its’ data reside in the
same directory so I’m a bit limited in where all this can reside.

Any suggestions as to how to allow multiple users to access a common wine
app? Common access from virtual machines appears to be even more
problematic than wine for this purpose.


Will Honea

Do you mean remote users, or users alternating in the local machine?

Either way, I think you’d start by including the users in the group to which the wine executable belongs, and make it executable by the group. You should check on the security implications, if any.

If your problem involves remote users maybe posting in the networking subforum would be better.

couldn’t you add a new user, say named “money”, and have the winApp’s
dataset and setup in /home/money/.[appName]…then give the password
for ‘money’ to all those users you want to have access to the
app…and, teach them how to close one user’s session and sign in
again, as ‘money’…

too simple?


deConficter

Please make sure that the windows application is really a multi-user one. If the data is just residing in some flat files, I very much doubt that it can be simultaneously accessed and updated by multiple users.

deConficter wrote:

> couldn’t you add a new user, say named “money”, and have the winApp’s
> dataset and setup in /home/money/.[appName]…then give the password
> for ‘money’ to all those users you want to have access to the
> app…and, teach them how to close one user’s session and sign in
> again, as ‘money’…
>
> too simple?

Actually, this is too complicated for the users in question :wink:

Perhaps a better description of the situation would help. The users consist
of two groups: several volunteers who share a single machine and a small
staff connected via LAN. The app in question has evolved to where it
employees decent security internally to partition access to the various
functions it provides and the internal db server appears to handle multiple
access pretty well. The problem I’m having is that it grew to multi-user
functionality in such a half-assed manner that there is no clean
client/server definition and I can’t find a decent Linux replacement for
it.

I’m trying to wean the whole organization off Windows and this is my final
obstacle. In a pure Win network, the app resides in a distinct directory on
one machine. That directory is shared as a unique entity and everyone is
able to run the app from various accounts on the home machine as well as
remotely via the network share. If I could figure out the permissions, I
could simply put the app in a unique directory that everyone could access
to run the wine emulation but I got myself wrapped around the post trying
that so I came here for suggestions. I’m open to any ideas including one or
more substitute apps for a complete church management package.


Will Honea

OK, I got it done but it took a lot of fiddling and tracing. Assuming the
app is installed on Linux under wine, I had to map the Linux wine folder
containing the program as a Win drive via Samba (Win has never liked UNC
paths!) then copy a couple of Win dlls from the program install disk to
appropriate locations on the Win box then run the program from the mapped
drive on Win. That lead to some convoluted permission issues but it works.
From other Linux boxes or from other accounts on the actual server box, I
had to copy the same Win components to the individual account wine folders
defining the simulated C: drive. I also needed to define a specific
user/password for the Win clients and define a specific group to assign
membership of just the users authorized access to the program to keep the
rif-raf out. A lot of hassle to get going but it beats the heck out of
fighting Windows problems on the network. I’m getting too old for
these “learning opportunities”!!


Will Honea

> The users consist of two groups: several volunteers who share a
> single machine and a small staff connected via LAN.

is it not possible to create a new group (YaST > Security and Users
> Group Management) named ‘money’ and set ownership/read/write of the
db, its directory and the executable (all three, just two or only
one?) to that group only…then join those you want to have access to
that group…


deConficter

deConficter wrote:

>> The users consist of two groups: several volunteers who share a
>> single machine and a small staff connected via LAN.
>
> is it not possible to create a new group (YaST > Security and Users
>> Group Management) named ‘money’ and set ownership/read/write of the
> db, its directory and the executable (all three, just two or only
> one?) to that group only…then join those you want to have access to
> that group…

Messages crossed in the ether <g>. I did neglect to mention setting the
permissions on the actual directory structure. Using that logic, you can
define a SAMBA share that further isolates any other directory in the
owner’s home directory - even other wine programs.


Will Honea