"Dynamic" Group Permissions? Post: 302261646

Sponsored Content

Operating Systems Linux Red Hat "Dynamic" Group Permissions? Post 302261646 by en7smb on Tuesday 25th of November 2008 09:23:24 AM

11-25-2008

Registered User

"Dynamic" Group Permissions?

Hi all,

Apologies if the answer is out there somewhere, I did have a search about.....

In my environment of a RHEL 4 machine and users all listed out in LDAP (say, userA in a deptZ primary group; userB in same deptZ primary group, plus deptY secondary group), I am trying to find a mechanism to provide permissions on files based on username AND user location.

Essentially through my software - which is essentially kicked off by a .sh file and this is where I am trying to put this logic - I want a userA session running in deptA to create a file with permissions:
.rw.r..... userA deptZ file1

A userB session can then read the file when physically in deptZ, but somehow his membership of deptZ is removed when he physically is not in that dept, ie he is down the corridor in deptY. My software startup .sh file for each session can flag which dept the user is in, so I am looking for someway in the script to turn this flag into granting/denying access to the file for each particular session.

Any ideas? Am I crazy?!

Thanks for looking,

Steve

en7smb

View Public Profile for en7smb

Find all posts by en7smb

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

passing a list of dynamic names to a "PS" command in shell script?

Hi, I am new to shell script. This is my first post .I have written a small script which returns list of names starts with "ram" in /etc/passwd .Here is that:- #!/bin/ksh NAME_LIST="name_list.txt" cat /dev/null > $NAME_LIST evalcmd="cat /etc/passwd | grep "^ram?*" | cut -d: -f1" eval...

2. UNIX for Dummies Questions & Answers

Explain the line "mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'`"

Hi Friends, Can any of you explain me about the below line of code? mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'` Im not able to understand, what exactly it is doing :confused: Any help would be useful for me. Lokesha

3. HP-UX

To give the "unzip" permissions & "create" file permissions

Hi, I am a Unix Admin. I have to give the permissions to a user for creating new file in a directory in HP-Ux 11.11 system since he cannot able to create a new file in the directory. Thanks in advance. Mike

4. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone...

5. Shell Programming and Scripting

Makefiles and "Dynamic" Rules

I have a configuration file, foo.cfg, and a script, bar.sh. bar.sh generates .cc and .h files based on foo.cfg. To exemplify, let's say it creates apple.cc, apple.h, banana.cc, banana.h, carrot.cc, carrot.h, and so on. How do I write a Makefile that runs bar.sh if and only if foo.cfg has...

6. Shell Programming and Scripting

Dynamic variables and our friend "if"

Hi guys, Sorry if it is somewhere in the forum, I've checked for an hour or so with my google friend and can't figure this one out. Not counting the 2 hours I spent yelling at it. Welcome to BASH + AIX $LSLV -l $LV | $GREP -v $LV | $GREP -v "IN BAND" | $AWK '{print $1}' | while read PV;...

7. UNIX for Dummies Questions & Answers

Using "mailx" command to read "to" and "cc" email addreses from input file

How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing �To� e-mail address and column 3 contains �cc� e-mail address to include with same email. Sample input file, email.txt Below is an sample code where...

8. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing...

9. AIX

Apache 2.4 directory cannot display "Last modified" "Size" "Description"

Hi 2 all, i have had AIX 7.2 :/# /usr/IBMAHS/bin/apachectl -v Server version: Apache/2.4.12 (Unix) Server built: May 25 2015 04:58:27 :/#:/# /usr/IBMAHS/bin/apachectl -M Loaded Modules: core_module (static) so_module (static) http_module (static) mpm_worker_module (static) ...

LEARN ABOUT FREEBSD

setsid

SETSID(2)						      BSD System Calls Manual							 SETSID(2)

NAME

     setsid -- create session and set process group ID

LIBRARY

     Standard C Library (libc, -lc)

SYNOPSIS

     #include <unistd.h>

     pid_t
     setsid(void);

DESCRIPTION

     The setsid() system call creates a new session.  The calling process is the session leader of the new session, is the process group leader of
     a new process group and has no controlling terminal.  The calling process is the only process in either the session or the process group.

RETURN VALUES

     Upon successful completion, the setsid() system call returns the value of the process group ID of the new process group, which is the same as
     the process ID of the calling process.  If an error occurs, setsid() returns -1 and the global variable errno is set to indicate the error.

ERRORS

     The setsid() system call will fail if:

     [EPERM]		The calling process is already a process group leader, or the process group ID of a process other than the calling process
			matches the process ID of the calling process.

SEE ALSO

     setpgid(2), tcgetpgrp(3), tcsetpgrp(3)

STANDARDS

     The setsid() system call is expected to be compliant with the ISO/IEC 9945-1:1990 (``POSIX.1'') specification.

BSD
								   June 4, 1993 							       BSD