Sponsored Content
Top Forums UNIX for Dummies Questions & Answers Setup of user groups and permissions Post 302175307 by citygov on Thursday 13th of March 2008 03:43:49 PM
Old 03-13-2008
Setup of user groups and permissions

Hi folks, thanks for reading this. I have been asked to manage our company's SCO OpenServer 5 system since the old administrator left. I have a very basic knowledge of Unix, but only the basic commands - ls, ps, chmod, etc.

This server holds thousands of programs (converted Basic programs, dating back to the '70s) and files for two entities - our city hall and our public utilities. Up to this point there have only been two login ID's - one for city functions, the other for utility functions. Whoever logged in had run of the house for that area - payroll, accounts receivable, billing, etc. Unless permissions were purposely set low for a program or file, employees from the two entities could not access or modify the other entity's stuff. If a person is working on the city side and needs to do something on the utility side, they have to log out and log back in with the utility id.

We have a new finance director who wants to implement tighter security - and I'll admit it's probably time we did. I have outlined how the employees should be broken down into user groups: cityhigh (high restriction), citymed (medium restriction), and citylow (low restriction); and the same on the utility side (utilhigh, utilmed, utillow). Low restrictions for the managers, high restrictions for the users, and medium for - well, I'm not sure yet. Of course, I also need full access available to myself and the director so he can cross the boundaries of city and utilities effortlessly. There are also employees that work with both city and utility programs. I have already given each employee a unique login and assigned them to one of these groups. This is all fairly easy with the gui interface in SCO.

So how should I proceed now? For instance, I need the folks in the cityhigh group only to have access to one or two modules (say, data entry for assessments and season park passes), while the folks in the citylow group need access to those AND payroll AND utility accounts payable. Same with the utility side.

Do I need to adjust the permissions for every file to allow only this group and that group? Or is there an easier way to kind of "mass" update the whole system? Do I need to set different permissions values to each group?

I know this isn't going to be a quickly finished project, so I'm taking it step by step. I had suggested that our city contact a unix consultant to do this for us, but I was told it isn't in the budget.

Thank you for reading all the way to the end!

Mike
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

dynamic user groups

Is it possible to dynamically allocate a new user group to an existing session on Solaris 5.8 I'd like to be able to allow certain users to access a set of scripts for the life of session (preferably there own session not a specific login created for the purpose) by dynamically giving the session... (0 Replies)
Discussion started by: hammer
0 Replies

2. Shell Programming and Scripting

Extract directories, users, groups & permissions to excel

Hi As the title descibes I wish to create an excel spreadsheet which lists all directories in full allong with the users, groups and rights. I have not used Perl scripts before so I'm a little lost on this on. Cheers (0 Replies)
Discussion started by: MacLon
0 Replies

3. UNIX for Dummies Questions & Answers

Adding user to groups

How do I add a user to a group? And how do I determine the list of groups to add a user? Solaris 10 newbie (1 Reply)
Discussion started by: peteythapitbull
1 Replies

4. UNIX for Dummies Questions & Answers

User groups

Hi I have a user zak and 4 groups:- oracle stats data archive I want user zak to be part of the oracle and stats group but not be able to view,list anything in data and archive. Also anyone in the data and archive group should not be able to view,list anything in oracle and stats....... (3 Replies)
Discussion started by: Zak
3 Replies

5. Solaris

Setting user groups

Hi......... I'm trying to set a group of users to login to do a required super-user tasks without knowing the super-user passwd. For example...a user popodude logs in as self with passwd..system accepts the password & then automatically asks for the super-user account passwd. My goal is... (1 Reply)
Discussion started by: Remi
1 Replies

6. AIX

user & groups

1 - what is the maximum no: of groups a user can be a part of ? 2 - what is maximum no: of users a group can contain ? (6 Replies)
Discussion started by: senmak
6 Replies

7. UNIX for Dummies Questions & Answers

Multiple groups in directory / file permissions

Hi I need to permit one group to have r-x permissions on all files in a directory and another group to have just read access, im confused how to do this as if i set the 'Other' permission class as read access then all users will have access to them. So basically i have a directory which the... (2 Replies)
Discussion started by: m3y
2 Replies

8. AIX

Nested user groups

Is there a command to nest a group in another group in AIX. (2 Replies)
Discussion started by: daveisme
2 Replies

9. UNIX for Dummies Questions & Answers

How to make user groups and edit permissions?

OK guys and gals. I've been working on a debian system for a little bit, in hopes of making it into a system we can use for manifests and other things. I am very new to unix, particularly debian. I would like to make 2 or 3 different groups. 1 would be for me, and other people... (1 Reply)
Discussion started by: samee71
1 Replies

10. UNIX for Beginners Questions & Answers

ACL permissions setup

All, I am building a glusterfs environment for file storage and need to set up ACL's as there are multiple users that need different types of access. I have ingested ~20TB of needed data to /toplevel dir and: chown -R root:root /toplevel ; chmod -R 775 /toplevel What I need from ACL as... (0 Replies)
Discussion started by: hburnswell
0 Replies
CGCONFIGPARSER(8)						 libcgroup Manual						 CGCONFIGPARSER(8)

NAME
cgconfigparser - setup control group file system SYNOPSIS
cgconfigparser [-h] [-l <filename>] [-L <directory>] [...] OPTIONS
-h, --help Displays help. -l, --load=FILE Parses the control groups configuration file Sets up the control group file system defined by the configuration file and mounts mount points defined by the configuration file. The format of the file is described in cgconfig.conf. This option can be used mul- tiple times and can be mixed with -L option. -L, --load-directory=DIR Finds all files in given directory and parses them in alphabetical order like they were specified by -l option. This option can be used multiple times and can be mixed with -l option. -a <agid>:<auid> defines the default owner of the rest of the defined control group's files. These users are allowed to set subsystem parameters and create subgroups. The default value is the same as has the parent cgroup. -d, --dperm=mode sets the default permissions of a control groups directory. The permissions needs to be specified as octal numbers e.g. -d 775. -f, --fperm=mode sets the default permissions of the control group files. The permissions needs to be specified as octal numbers e.g. -f 775. The value is not used as given because the current owner's permissions are used as an umask (so 777 will set group and others permis- sions to the owners permissions). -s, --tperm=mode sets the default permissions of the control group tasks files. The permissions needs to be specified as octal numbers e.g. -f 775. The value is not used as given because the current owner's permissions are used as an umask (so 777 will set group and others per- missions to the owners permissions). -t <tuid>:<tgid> defines the default owner of tasks file of the defined control group. I.e. this user and members of this group have write access to the file. SEE ALSO
cgconfig.conf (5) Linux 2009-03-16 CGCONFIGPARSER(8)
All times are GMT -4. The time now is 09:57 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy