Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

User should be restricted moving a folder

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers User should be restricted moving a folder
# 1  
Old 10-24-2009
User should be restricted moving a folder
Hi All ,

Some of the users should be restricted using the MV commands on some of the standard folders. We had an issue the other day like from the standard folder structure which was set up one of the user has moved a folder to a different location and the jobs failed as the folder was not existing in the specified location. can any one help me in achiving this task

user should be restricted using some of the commands like MV on some specified folders.

Is this achived by setting some roles and privileges or the .profile of the user, or anything we can set on the folder level.

Thanks
Perlamohan
# 2  
Old 10-24-2009
Hi.

What do you mean by "standard folder"?

Unless you're root, you can't move a directory that you don't own, from a directory that you don't own, unless you have write permissions to both:

Code:
/root # cd /usr
/usr # ll -d . lib
drwxr-xr-x 15 root root 4096 Jun 28 04:43 .
drwxr-xr-x 69 root root 36864 Oct 17 08:22 lib

/usr # su - scott
/home/scott $ cd /usr
/usr $ mv lib /
mv: cannot move `lib' to `/lib': Permission denied
/usr $ exit

/usr # chmod 777 . lib
/usr # su - scott
/home/scott $ cd /usr

/usr $ mv lib ~
/usr $ ls -ld ~/lib
drwxrwxrwx 69 root root 36864 Oct 17 08:22 lib

You should look at tightening up the security on your directories.
# 3  
Old 10-24-2009
I wonder if maybe you are complaining about users removing symlinks in directories they own? If that is what you meant, see mount --bind -it requires making the thing you want to link to a separate filesystem, but that's usually not a big deterrent.
# 4  
Old 10-24-2009
User should be restricted moving a folder
Hi My requirment is like below
we have a project say ABC in the dev environment and the folder structure is like

/abc/dev/
Under this we have a standard folders like source, inbox, target, logs recently we faced an issue like one of the user has moved the logs dir into target dir as the permissions on these folders were 777 as the users would be working in these directories. now the requirement is like the users should not be able to move the standard folders

/abc/dev
/abc/dev/source
/abc/dev/inbox
/abc/dev/target
/abc/dev/logs

Thanks for the response,
Appriciate if you could help me in this regard
thanks
Perlamohan
# 5  
Old 10-24-2009
What are the permissions on /abc/dev?

Is that 777? Does it need to be? Do users need to create files in that specific directory? If not it should be 755, then the user won't be able to move the logs directory out of it.
# 6  
Old 10-24-2009
chmod +t logs source inbox target
The directories can only be deleted/moved by the owner.
# 7  
Old 10-24-2009
I would start with something like this:
Code:
find /abc -exec ls -ld {} \;
drwxr-xr-x 3 root root 4096 2009-10-25 00:44 /abc
drwxr-xr-x 6 root root 4096 2009-10-25 00:45 /abc/dev
drwxrwxr-x 2 root abcusers 4096 2009-10-25 00:44 /abc/dev/source
drwxrwxr-x 2 root abcusers 4096 2009-10-25 00:45 /abc/dev/inbox
drwxrwxr-x 2 root abcusers 4096 2009-10-25 00:45 /abc/dev/target
drwxrwxr-x 2 root abcusers 4096 2009-10-25 00:45 /abc/dev/logs

You can make anyone who needs write access to the four directories a member of the group abcusers. You may also need to set the setgid on those 4 directories if more departments are sharing (and/or use umask 002).

S.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Shell scripting for moving folder specific files into target directory of that country folder.

I need help to write shell script to copy files from one server to another server. Source Directory UAE(inside i have another folder Misc with files inside UAE folder).I have to copy this to another server UAE folder( Files should be copied to UAE folder and Misc files should be copied in target... (3 Replies)
Discussion started by: naresh2389
3 Replies

2. Debian

Create restricted user for programs

want to create a user account for each of the key programs installed on my debian server. For example, for the following programs: Tomcat Nginx Supervisor PostgreSQL This seems to be recommended based on my reading online. However, I want to restrict these user accounts as much as possible,... (3 Replies)
Discussion started by: Spadez
3 Replies

3. AIX

Restricted user

Hello everyone I need to create a restricted user or a special user. Here is what I need. I have this path next to profiles I have server1, server2, server3....... The user that I have to create I need that he can move between server1. server2, server3 because in every one have logs... (1 Reply)
Discussion started by: lo-lp-kl
1 Replies

4. Solaris

create a restricted user

I have solaris 10 os 64 bit. I need to create a restricted user which has the following command to run ls df and du list crontab of root and edit crontab of root also please help (2 Replies)
Discussion started by: reyazan
2 Replies

5. Solaris

Create user with Restricted Space usage

Hi, What is the command or how to create a user with the restricted usage of space on a disk. Also let me know how to change the limit of the space size allotted in future for the same user. ~Vinodh Kumar V M (3 Replies)
Discussion started by: vino_hymi
3 Replies

6. UNIX for Dummies Questions & Answers

Need to create a restricted user(Centos)

Hi, I am a newbie to Linux and I want to create a user which can only execute network config commands like ifconfig and ping(to check the config). The following is what I did but failed. 1) Created a group called 'netconfig'. 2) added a user named 'user'. 3) added user to the 'netconfig'... (4 Replies)
Discussion started by: ankushpandit
4 Replies

7. AIX

A user with restricted ftp access to a folder

Hi, We have Oracle Database on AIX 5.3 server.We want to give ftp access to a user to a specific folder.He should be able to put and get files from that specific folder only.Moreover he should not be able to cd to any other filesystems also along with root directory. Please note that as per... (1 Reply)
Discussion started by: dwiravi
1 Replies

8. Shell Programming and Scripting

To provide restricted access to certain user's on linux box

Hi, I need to provide execute access to certain users and not to all users For ex: if ther is a file /home/august/aug.sh. and there are user's like jan,feb,mar,april,May and jan is the owner of that box. I need to provide execute access to feb and mar only. I also know the root pwd for... (3 Replies)
Discussion started by: Ashok_oct22
3 Replies

9. Shell Programming and Scripting

Moving Files from one folder to another folder

Hi, I have a folder which contain the log files. The folder may contain sub folders as well. I want to move the contents of the log folder to tmp folder periodically. I have used the command. LOG_DIR=/logs DESTINATION_DIR=/tmp/logs find ${LOG_DIR} -mtime +1 -exec mv {}... (10 Replies)
Discussion started by: farooqpervaiz
10 Replies

10. Cybersecurity

Restricted user

A few of the other employees here need to learn "vi" in order to use crontab to schedule / unschedule jobs on one of our production servers. I tried to set up a login on one of my Linux boxes for them to use "vimtutor", but scrapped it and decided to try for something more secure, since there are... (1 Reply)
Discussion started by: LivinFree
1 Replies
Login or Register to Ask a Question