| Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
multiuser [2010-01-22 16:38]
asciiphil Link to commands. |
multiuser [2021-02-19 20:18] (current)
asciiphil [Extras] typo |
| ===== Multiuser screen ===== | ====== Multiuser screen ====== |
| |
| screen can allow multiple users to access the same session. This can be useful for all sorts of information sharing, from helpdesk applications to extreme programming. By default, multiuser mode is disabled, for security reasons. | screen can allow multiple users to access the same session. This can be useful for all sorts of information sharing, from helpdesk applications to extreme programming. By default, multiuser mode is disabled, for security reasons. |
| | ===== Basics ===== |
| | |
| | |
| ==== Basics ==== | |
| |
| To start using multiuser mode, use the command ''[[commands:multiuser]] on'' in either your .screenrc or on ''screen'''s [[commands:colon|command line]]. Then use ''[[commands:acladd]]'' or ''[[commands:aclchg]]'' to tell screen about the users that you want to connect. ''screen'' will not allow connections from any user it hasn't been explicitly told about. Once the permissions are set up, the other users run ''screen -r //<your username>///'' to attach. (If you want multiple people (including you) to be attached at the same time, use ''-x'' instead of ''-r''. If you have multiple sessions, put the session name after the slash.) | To start using multiuser mode, use the command ''[[commands:multiuser]] on'' in either your .screenrc or on ''screen'''s [[commands:colon|command line]]. Then use ''[[commands:acladd]]'' or ''[[commands:aclchg]]'' to tell screen about the users that you want to connect. ''screen'' will not allow connections from any user it hasn't been explicitly told about. Once the permissions are set up, the other users run ''screen -r //<your username>///'' to attach. (If you want multiple people (including you) to be attached at the same time, use ''-x'' instead of ''-r''. If you have multiple sessions, put the session name after the slash.) |
| |
| |
| ==== Extras ==== | ===== Extras ===== |
| |
| ''screen'' can require a password before the user connects. To enable this, add a crypted password as a parameter to ''[[commands:acladd]]''. The easiest way to get a crypted password is to run the screen command ''[[commands:password]]''. It will prompt you twice for a password. If the passwords match, it will put the crypted version in the paste buffer. From there, you can [[commands:paste]] it into the config file or onto the command line. | ''screen'' can require a password before the user connects. To enable this, add a crypted password as a parameter to ''[[commands:acladd]]''. The easiest way to get a crypted password is to run the screen command ''[[commands:password]]''. It will prompt you twice for a password. If the passwords match, it will put the crypted version in the paste buffer. From there, you can [[commands:paste]] it into the config file or onto the command line. |
| ''screen'' has a relatively flexible representation of permissions. The permissions that can be set are read, write, and execute. Read does nothing. Write applies to windows and allows the user to type into the windows. Execute applies to commands and allows the user to run the specified commands. "''#''" can be used to apply to all windows and "''?''" to all commands. | ''screen'' has a relatively flexible representation of permissions. The permissions that can be set are read, write, and execute. Read does nothing. Write applies to windows and allows the user to type into the windows. Execute applies to commands and allows the user to run the specified commands. "''#''" can be used to apply to all windows and "''?''" to all commands. |
| |
| Relatedly, only one user can be typing in a given window at once. That user has the window's //writelock//. Normally, writelocks are in auto mode, meaning that whoever types into the window first gets the lock. The lock is relinquished when the user leaves that window. An acquired writelock can also be removed by using the command ''[[commands:writelock]] off''. If the user uses ''[[commands:writelock]] on'', he will keep the writelock even after leaving the window. | When experimenting with permissions, the ''[[commands:su]]'' command is sometimes useful. It allows you to change the effective user for the current display (just like the Unix ''su'' command allows you to operate as a different Unix user). |
| |
| ''screen'' can allow programs to send commands to it via the escape sequence ''ESC ] 83 ; //cmd// ^G''; in order for this to work, the pseudo-user :window: must exist and have the appropriate permissions to execute the supplied command. | Somewhat relatedly, only one user can be typing in a given window at once. That user has the window's //writelock//. Normally, writelocks are in auto mode, meaning that whoever types into the window first gets the lock. The lock is relinquished when the user leaves that window. An acquired writelock can also be removed by using the command ''[[commands:writelock]] off''. If the user uses ''[[commands:writelock]] on'', he will keep the writelock even after leaving the window. |
| |
| ==== Commands ==== | ''screen'' can allow programs to send commands to it via the escape sequence ''ESC ] 83 ; //cmd// ^G''; in order for this to work, the pseudo-user **:window:** must exist and have the appropriate permissions to execute the supplied command. |
| | |
| | ===== Commands ===== |
| |
| * ''[[commands:acladd]]'' - Adds users with full permission to all windows. | * ''[[commands:acladd]]'' - Adds users with full permission to all windows. |
| * ''[[commands:aclgrp]]'' - Adds a user to a group or just describes user's group membership. | * ''[[commands:aclgrp]]'' - Adds a user to a group or just describes user's group membership. |
| * ''[[commands:aclumask]]'' - Sets default permissions for windows not yet created. | * ''[[commands:aclumask]]'' - Sets default permissions for windows not yet created. |
| | * ''[[commands:defescape]]'' - Like ''[[commands:escape]]'', but sets the command character for all users. |
| * ''[[commands:defwritelock]]'' - Sets the default writelock setting for new windows. | * ''[[commands:defwritelock]]'' - Sets the default writelock setting for new windows. |
| * ''[[commands:multiuser]]'' - Enables or disables multiuser mode. | * ''[[commands:multiuser]]'' - Enables or disables multiuser mode. |
| | * ''[[commands:su]]'' - Operate as a different user. |
| * ''[[commands:writelock]]'' - Sets writelock mode for current window. | * ''[[commands:writelock]]'' - Sets writelock mode for current window. |
| |
| ==== Examples ==== | ===== Examples ===== |
| |
| Add user phil with password moo, gives him full permission to everything: | Add user phil with password moo, gives him full permission to everything: |
| |
| <code>aclgrp phil</code> | <code>aclgrp phil</code> |
| | ===== Common problems ===== |
| ==== Common problems ==== | |
| |
| * If you get a "chmod /dev/pts/xx: Operation not permitted" error, it may be because you have ''su'' on a tty you do not own. This does not work because you have to own the tty for ''screen'' to work. | * If you get a "chmod /dev/pts/xx: Operation not permitted" error, it may be because you have ''su'' on a tty you do not own. This does not work because you have to own the tty for ''screen'' to work. |
| |
| * You may also need to set-uid on the screen executable. Do this on your screen executable as root: ''chmod u+s /usr/bin/screen''. This is in ''[[man:start|man screen]]'' towards the end. | * You may also need to set-uid on the screen executable. Do this on your screen executable as root: ''chmod u+s /usr/bin/screen''. This is in ''[[man:start|man screen]]'' towards the end. |
| |
