Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: locking userid to 1 dir?
Operating Systems Solaris locking userid to 1 dir? Post 302072732 by dsbeerf on Friday 5th of May 2006 03:42:41 PM
Old 05-05-2006
What log files, exactly, do they need to view ?

What are they going to be "doing" with those log files ?
Just looking ? Gathering Statistics ? Finding explicit entries in the logs ? Graphing the data that is in the log files ? Importing the files, or PARTS of the files, into some other "application" [Like gathering some statistics into Excel] ?

What does this Solaris machine "do" for you ? Is it a "server" ? What does it "serve" ? Is it a "production machine" ??

Once you define the exact machine "Class", you can then decide on the appropriate type of access to allow. You don't allow general access to a production machine, for instance.

Once you decide the type of access, you can allow it in the most restrctive way. Allowing these users EXACTLY (and ONLY) what they need.

Off the top of my head, you can:

1) Allow FTP access, from a specific internal subnet, to these files after you have moved them to a 'safe' directory. An EXAMPLE is to create an FTP only user, and have a cron script that transfers the data they need into their "home" directory from wherever the log files are actually written. From there, these people can access the data they need.

2) Bring up an Apache web server, serving ONLY the internal networks, and make the DocumentRoot (in the httpd.conf file) the directory you transfer the log files into. This way, anyone who needs the data can "download" it via a browser. No account needed. [But some other security issues are raised.]

3) Create cron script(s) to gather the files (OR data!) these people need into a specific directory (maybe in /var/tmp, maybe elsewhere), then have another cron script check for files in that directory and transfer them to a readily accessible place for the folks to access. An EXAMPLE: My "people" need to know when a specific data set was accessed by the users of a specific application. I create a cron script that looks through the application's log files, and outputs all noted access to that "data set" to another file. This *new* file is then transferred to a Microsoft server that allows the "people" to "mount" that "Share", and access the data they need from their "desktops". Since these "people" are in the "accounts recievable" department, they do not know about or care about UNIX. So I have just given them ONLY what they need.

I have not given any specific answers here, but a few ideas. Let me know if this helps.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

script to go to a different dir to run a commandline prompt in that dir

Hi, I need to know how I'll be able to write a script that can goto a different dir where I don't have access to read,write and execute and also to run a commandline prompt in that dir with one file whose path has to be specified in that command. Will I be able to do this? Any ideas or... (2 Replies)
Discussion started by: ann_124
2 Replies

2. Shell Programming and Scripting

a script to clone a dir tree, & overwrite the dir struct elsewhere?

hi all, i'm looking for a bash or tcsh script that will clone an empty dir tree 'over' another tree ... specifically, i'd like to: (1) specify a src directory (2) list the directory tree/hiearchy beneath that src dir, w/o files -- just the dirs (3) clone that same, empty dir hierarchy to... (2 Replies)
Discussion started by: OpenMacNews
2 Replies

3. Shell Programming and Scripting

How do I define a particular dir in PATH variable and then unset that dir

How do I define a particular dir in front of PATH variable and then run some job and then at the end of job SET the PATH variable to original? in a script, WILL something like this work: ORIG_PATH=$PATH export PATH=/dir1/dir2:$PATH RUN SOME JOBS ..... unset PATH EXPORT... (2 Replies)
Discussion started by: Hangman2
2 Replies

4. UNIX and Linux Applications

CPIO Problem, copy to the root dir / instead of current dir

HI all, I got a CPIO archive that contains a unix filesystem that I try to extract, but it extract to the root dir / unstead of current dir, and happily it detects my file are newer otherwise it would have overwrited my system's file! I tried all these commands cpio -i --make-directories <... (2 Replies)
Discussion started by: nekkro-kvlt
2 Replies

5. Shell Programming and Scripting

A script to find dir, delete files in, and then del dir?

Hello!! I have directories from 2008, with files in them. I want to create a script that will find the directoried from 2008 (example directory: drwxr-xr-x 2 isplan users 1024 Nov 21 2008 FILES_112108), delete the files within those directories and then delete the directories... (3 Replies)
Discussion started by: bigben1220
3 Replies

6. Shell Programming and Scripting

Perform action in dir if dir has .git subdir

Hi, I want to run git status for the dir which has subdir ".git" in it with dir path mentioned in output log? If a dir does not have .git subdir then skip that dir. Dir will have 100 main dirs & 500 + subdirs and so on. I appreciate all your help :b: (4 Replies)
Discussion started by: dragon.1431
4 Replies

7. Shell Programming and Scripting

moving files from a dir in one machine to a dir in another machines

Hi, I am a unix newbie.I need to write a shell script to move my oracle READ WRITE datafiles from one serevr to another. I need to move it from /u01/oradata/W1KK/.. to /u01/oradata/W2KK, /u02/oradata/W1KK/.. to /u02/oradata/W2KK. That is, I actaully am moving my datafiles from one database to... (2 Replies)
Discussion started by: mathews
2 Replies

8. UNIX for Dummies Questions & Answers

How to list all files in dir and sub-dir's recursively along with file size?

I am very new to unix as well as shell scripting. I have to write a script for the following requirement. In have to list all the files in directory and its sub directories along with file path and size of the file Please help me in this regard and many thanks in advance. (3 Replies)
Discussion started by: nmakkena
3 Replies

9. Shell Programming and Scripting

KSH - Find paths of multiple files in CC (dir and sub-dir))

Dear Members, I have a list of xml files like abc.xml.table prq.xml.table ... .. . in a txt file. Now I have to search the file(s) in all directories and sub-directories and print the full path of file in a output txt file. Please help me with the script or command to do so. ... (11 Replies)
Discussion started by: Yoodit
11 Replies

10. AIX

Assign read write permission to the user for specific dir and it's sub dir and files in AIX

I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. I do not want to assign user the same group of that directories too.... (0 Replies)
Discussion started by: blinkingdan
0 Replies

LEARN ABOUT SUSE

cannaserver

CANNASERVER(1M) 														   CANNASERVER(1M)

NAME

       cannaserver - Kana-Kanji conversion server

SYNOPSIS

       cannaserver [-d] [-u userid] [-inet] [-inet6] [-l n] [-syslog] [-p num] [ddpath]

DESCRIPTION

       cannaserver(1M)	provides  the  Kana-Kanji  conversion  service.   Most commonly this daemon starts at daemon bootup framework like /etc/rc
       depending on your system, so you do not usually start it up manually.

       By default, cannaserver(1M) only accepts connections from clients at the same host where the server is running (via  UNIX  domain  socket).
       You  can  make  it  accessible  from other hosts via TCP by using option -inet (or -inet6). Whether you use this option or not, you can get
       access control based on user and host using /etc/hosts.canna.

       cannaserver(1M) immediately forks and gets into the background after it starts.	You do not need to use '&' explicitly to make  it  run	in
       the background.

       When  it starts, cannaserver(1M) creates the UNIX domain socket /tmp/.iroha_unix/IROHA[:num] to communicate clients.  The socket is deleted
       automatically if cannaserver(1M) terminates normally.  The socket may exist while cannaserver(1M) is not  running  (because,  for  example,
       cannaserver(1M) terminated abnormally).	In this case, delete the file manually or you cannot start it.

       /var/lib/canna/dic/*/dics.dir  includes	the  list of dictionaries which are available to clients. Users (i.e. clients) can choose which to
       use and specify them in ~/.canna.

OPTIONS

       ddpath	   Specifies the directory that contains dictionaries.

       -inet	   This option lets cannaserver(1M) accept connections from remote hosts using inet domain socket (IPv4).  By  default,  the  can-
		   naserver(1M) uses only UNIX domain socket, i.e. only clients in your local machine can connect to the server.

       -inet6	   Enable  IPv6. If this option is used solely, IPv4 access is disabled.  If you want to use IPv4 at the same time, use both -inet
		   and -inet6.

       -l n	   Outputs the cannaserver(1M) log to /tmp/canna.log.  n (1 to 5) specifies the log level.

       -d	   Starts cannaserver(1M) in debug mode.  It is executed as the foreground process.  Log data at log level  5  is  output  to  the
		   standard output.

       -u userid   Specifies which user cannaserver(1M) runs as.  By default, cannaserver(1M) runs as the user who started cannaserver(1M).

       -syslog	   Outputs the cannaserver(1M) log to syslogd(8). If you specify this option, logs are not output to /var/log/canna/CANNA?msgs.

       -p num	   By this option cannaserver(1M) uses the port number 5680 + num. The default port number is 5680. This option also has an effect
		   on the filename of the socket and the log file. See below.

FILES

       /tmp/.iroha_unix/IROHA[:num]
	       Socket. [:num] part is added only when you specify -p.

       /var/lib/canna/dic/*/dics.dir
	       Dictionary directory

       /etc/hosts.canna
	       Access control file

       /var/log/canna/CANNA?msgs
	       Log file. "?" is replaced with num specified with -p, and defaults to 0 without -p num.	Log messages are not output to	this  file
	       when -syslog is specified.

SEE ALSO

       cannakill(1M), cannastat(1), cannacheck(1), cshost(1)

																   CANNASERVER(1M)
All times are GMT -4. The time now is 01:47 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy