Good day to everyone. I have a comprehension problem of permissions, groups and "back in time". Following situation: user A permissions 700 user B permissions 700 both users belong to group "users" now: A (and only A!) should be able to backup the data of A and B. This to avoid confusion of the user and make sure he/she it does not log out the user before the process of backup has finished. The account A is also an account were no "surfing" or "games" and so on are taking place, thus it is somewhat more valuable than B. Backintime should be configured to run residential. It should recognize when the external disk for backup is attached by the user and should do then a backup (if criteria are met in terms of time and changes). B should not be able to do this. Thus when (while user in B) a hdd is attached, the resident process should not start the backup. (This is the desired setup). Both user should stay however in the situation of 700 to each other (as I cannot exclude that in future there will be a third account that shall not have access rights to neither A nor B. One though I have was that I could define a group e.g. backintime so to be able to use backintime you would be necessarily a member of it. But that does not resolve me the problem of different access rights for A and B for what is the functionality of backintime. I do not think that I could make that new user without being part of "users" because I suppose a lot of scripts are taking for granted that you are part of users. Am I mistaken here? And how would I have to define access rights? If I give backintime root access, this would be unnecessarily wide as it should not run as root, it only hat to do a backup of the two home directories. So in short: how to define two users A and B in order to give A access to the files to B in order to backup them, not give that rights to B, not to work as root. And maintain (if possible - at least for B) the mutual no access thing). So if necessary A can be able to read B. B shall not be able to read A. Any new user created should have access neither to A nor B. Was that clear of did I loose you completely here? _________________________________________________________________ ________________________________________________________ Ihre E-Mail-Postf�cher sicher & zentral an einem Ort. Jetzt wechseln und alte E-Mail-Adresse mitnehmen! https://www.eclipso.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org