04-17-2009
Thanx everyone for you help
I found this on the web
setfacl
How to use this to make the group to which testuser belongs , unable to get other group privilege ?
I could not understand much Sorry I am new to Unix
10 More Discussions You Might Find Interesting
1. HP-UX
Hi,
Please any one can help me to know that how we can restrict a user group to access the kernel at all. (0 Replies)
Discussion started by: harishankar
0 Replies
2. UNIX for Advanced & Expert Users
Upon trying to open up permissions between 2 accounts in Snow Leopard I caused the os to crash - restarting/turning off then on did nothing - the os would no longer load. I took it into Apple where they got the os back up and running with a slight twist. The secondary drive was flagged (a little... (0 Replies)
Discussion started by: Alexander4444
0 Replies
3. AIX
How to assign superuser privilege to an ordinary user temporarily (1 Reply)
Discussion started by: udtyuvaraj
1 Replies
4. AIX
Hello,
I am new in AIX please tell how can i create user and add group in this user for example, i want to create user umair and want to add this user primanry group DBA and secondary group ORACLE,how can i do this please tell in detail
Thanks,
Umair (1 Reply)
Discussion started by: umair
1 Replies
5. UNIX for Dummies Questions & Answers
Hi,
How can I restrict access to a set of people in a group on a directory?
Ex.. The following are the permissions on a directory (dir1)
rwxrwxr-- own1 grp1 dir1
where own1 is the owner
grp1 is the group name
and dir1 is the directory name.
So., Is there any way that only few id's in... (0 Replies)
Discussion started by: brahmi
0 Replies
6. Ubuntu
Hi,
Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01".
I want both in the sames privileges and group. Please see the existing users list below;
drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies
7. Solaris
I have performed the following with lower case group and usernames and the only difference is that the error message under groupadd goes away, yet I am still unable to successfully add a user WITH a home directory.
This is in Solaris 10. I am able to add a group, add a user, add the users... (3 Replies)
Discussion started by: Showflash
3 Replies
8. Shell Programming and Scripting
Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc.
Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies
9. Red Hat
Hi,
In the following output you can see the the user "richard" is a member on the team/group "developers":
# id richard
uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers)
but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies
10. Shell Programming and Scripting
Hi ,
I want to create 3 different user with below privilege in Solaris and Linux.
1) Read Only
2)Read and Write Only
3) Admin user
Can you guys help me on this . (3 Replies)
Discussion started by: Naveen Pathak
3 Replies
LEARN ABOUT HPUX
getprivgrp
getprivgrp(2) System Calls Manual getprivgrp(2)
NAME
getprivgrp(), setprivgrp() - get and set special attributes for group
SYNOPSIS
DESCRIPTION
getprivgrp()
The system call returns a table of the privileged group assignments into a user-supplied structure. grplist points to an array of struc-
tures of type associating a group ID with a privilege mask. Privilege masks are formed by ORing together elements from the access types
specified in The array may have gaps in it, distinguished as having a field value of The group number gives the global privilege mask.
Only information about groups which are in the user's group access list, or about the user's real or effective group ID, is returned to an
ordinary user. The complete set is returned to a user with the privilege.
setprivgrp()
The system call associates a kernel capability with a group ID. This allows subletting of superuser-like privileges to members of a par-
ticular group or groups. takes two arguments: grpid, the integer group ID, and mask, a mask of permissions. The mask is created by treat-
ing the access types defined in as bit numbers (using 1 for the least significant bit). Thus, privilege number 5 would be represented by
the bits or 16. More generally, privilege p is represented by:
where is given 8 bits per byte. As it is possible to have more than word-size distinct privileges, mask is a pointer to an integer array
of size
privileges include those specified in the file A process can access the system call protected by a specific privileged group if it belongs
to or has an effective group ID of a group having access to the system call. All processes are considered to belong to the pseudo-group
Specifying a grpid of causes privileges to be revoked on all privileged groups that have any of the privileges specified in mask. Specify-
ing a grpid of causes privileges to be granted to all processes.
The constant in defines the system limit on the number of groups that can be assigned privileges. One of these is always the psuedo-group
allowing for actual groups.
Only processes with the privilege can use
Security Restrictions
Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege.
Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about
privileged access on systems that support fine-grained privileges.
RETURN VALUE
and return the following values:
Successful completion.
Failure.
is set to indicate the error.
ERRORS
If fails, is set to one of the following values.
grplist points to an illegal address. The reliable detection of this error is implementation dependent.
If fails, is set to one of the following values.
The request would require assigning privileges to more than
groups.
mask points to an illegal address. The reliable detection of this error is implementation dependent.
mask has bits set for one or more unknown privileges.
grpid is out of range.
The caller is not a privileged user.
EXAMPLES
The following example prints out and the group IDs of the privilege groups to which the user belongs:
AUTHOR
and were developed by HP.
SEE ALSO
getprivgrp(1), setprivgrp(1M), setgroups(2), privgrp(4), privileges(5).
getprivgrp(2)