ScreenMultiUser

Pointers

• ScreeN

Basic Instructions

prerequisites

• screen must be setuid: chmod u+s `which screen`

screen owner

• screen-escape : multiuser on
• screen-escape : addacl <userid> or addacl <username> <crypted-pw>

other user

- screen -ls owneruserid/ - screen -r owneruserid/

other user can't find screen session

Occasionally screen is setuid, and a user starts a multiuser screen and uses addacl to authorize other users, and still other users can't connect.

I took bad notes last time I did this. I haven't validated these instructions yet, but I did something like this:

    # owner should create directory
    mkdir /tmp/screen-wu

    # make directory 700 as required by screen
    chmod 700 /tmp/screen-wu

    # set the SCREENDIR env var.  both users must set this.
    export SCREENDIR=/tmp/screen-wu

    # start screen.  enable multiuser, then second user can connect.
    screen

Permissions

    # remove dude's permission to execute any screen command
    aclchg dude -x "?"

    # allow dude to run next, prev, and select
    aclchg dude +x select,next,prev

    # default permissions to windows
    aclumask dude-wx

    # enable user dude to access the screen session
    acladd dude

    # remove all permissions for user dude
    acldel dude