|
|
Sponsored Content
Operating Systems
Solaris
create user with RWX access to a specific directory in Solaris 10
Post 302341722 by jlliagre on Thursday 6th of August 2009 12:36:38 PM
08-06-2009
|
|
10 More Discussions You Might Find Interesting
1. Solaris
dear all
does any one give any user write permission using access control list or another way to solve this problem (1 Reply)
Discussion started by: murad.jaber
1 Replies
2. UNIX for Advanced & Expert Users
Hello,
We need to log the operations that specific user on Solaris 10 (SPARC) is performing on one directory and it's contents. I was able to configure solaris auditing service (auditd) and it works fine. The only problem is that auditd logs huge amount of unneeded information. We need to log... (0 Replies)
Discussion started by: +Yan
0 Replies
3. Shell Programming and Scripting
I have a working script that defines the paths using variables which is used to move a rename files that are being archived. Is there a way to create a directory in the path with the date as the name and then reference it when moving the file to it?
Here is what I have tried with no luck....
... (1 Reply)
Discussion started by: Snickyt0310
1 Replies
4. Solaris
Hi all,
I want to create a new user and grant him ONLY transfer files access to a specific directory where he can only upload and read the files. He should be restricted to this activity only.
Regards (6 Replies)
Discussion started by: gilldn
6 Replies
5. Homework & Coursework Questions
first off let me introduce myself. My name is Eric and I am new to linux, I am taking an advanced linux administration class and we are tasked with creating a script to add new users that anyone can run, has to check for the existence of a directory. if the directory does not exist then it has... (12 Replies)
Discussion started by: pbhound
12 Replies
6. UNIX for Advanced & Expert Users
Is there a way to allow a user to use sudo cp on a specific directory and only a specific file? (6 Replies)
Discussion started by: cokedude
6 Replies
7. UNIX for Dummies Questions & Answers
I want to create a GROUP with rwx permission. Also, I want to create a GROUP with root privileges, so that next time i create a user, I just need to add it to any of the groups and privileges automatically applied.
please help.
Thanks,
Shouvanik (4 Replies)
Discussion started by: shouvanik
4 Replies
8. Solaris
Hi,
I have searched "Limit FTP user's access to a specific directory" subject for 3 days. I found proftp and vsftp but i couldn't compile and install. Is there any idea. Please suggest. (6 Replies)
Discussion started by: hamurd
6 Replies
9. Shell Programming and Scripting
Hi all,
Is there any way to create linux user with access only one defined command? For example, I want new user has access only to ls command. (7 Replies)
Discussion started by: nypreH
7 Replies
10. Solaris
Hello Team,
I have Solaris 10 u6
I have a user test1 using bash that belong to the group staff.
I would like to restrict this user to navigate only in his home directory and his subfolders but not not move out to other directories.
How can I do it ?
Thanks in advance (1 Reply)
Discussion started by: csierra
1 Replies
LEARN ABOUT XFREE86
fs_listacl
FS_LISTACL(1) AFS Command Reference FS_LISTACL(1) NAME fs_listacl - Displays ACLs SYNOPSIS fs listacl [-path <dir/file path>+] [-id] [-if] [-cmd] [-help] fs la [-p <dir/file path>+] [-id] [-if] [-cmd] [-h] fs lista [-p <dir/file path>+] [-id] [-if] [-cmd] [-h] DESCRIPTION The fs listacl command displays the access control list (ACL) associated with each specified file, directory, or symbolic link. The specified element can reside in the DFS filespace if the issuer is using the AFS/DFS Migration Toolkit Protocol Translator to access DFS data (and DFS does implement per-file ACLs). To display the ACL of the current working directory, omit the -path argument. To alter an ACL, use the fs setacl command. To copy an ACL from one directory to another, use the fs copyacl command. To remove obsolete entries from an ACL, use the fs cleanacl command. CAUTIONS Placing a user or group on the "Negative rights" section of the ACL does not guarantee denial of permissions, if the "Normal rights" section grants the permissions to members of the system:anyuser group. In that case, the user needs only to issue the unlog command to obtain the permissions granted to the system:anyuser group. OPTIONS -path <dir/file path>+ Names each directory or file for which to display the ACL. For AFS files, the output displays the ACL from the file's parent directory; DFS files do have their own ACL. Incomplete pathnames are interpreted relative to the current working directory, which is also the default value if this argument is omitted. -id Displays the Initial Container ACL of each DFS directory. This argument is supported only on DFS directories accessed via the AFS/DFS Migration Toolkit Protocol Translator. -if Displays the Initial Object ACL of each DFS directory. This argument is supported only on DFS directories accessed via the AFS/DFS Migration Toolkit Protocol Translator. -cmd Outputs an fs setacl command string that can be used to recreate the ACL applied to the specified file, directory or symbolic link. -help Prints the online help for this command. All other valid options are ignored. OUTPUT The first line of the output for each file, directory, or symbolic link reads as follows: Access list for <directory> is If the issuer used shorthand notation in the pathname, such as the period (".") to represent the current current directory, that notation sometimes appears instead of the full pathname of the directory. Next, the "Normal rights" header precedes a list of users and groups who are granted the indicated permissions, with one pairing of user or group and permissions on each line. If negative permissions have been assigned to any user or group, those entries follow a "Negative rights" header. The format of negative entries is the same as those on the "Normal rights" section of the ACL, but the user or group is denied rather than granted the indicated permissions. AFS does not implement per-file ACLs, so for a file the command displays the ACL on its directory. The output for a symbolic link displays the ACL that applies to its target file or directory, rather than the ACL on the directory that houses the symbolic link. The permissions for AFS enable the possessor to perform the indicated action: a (administer) Change the entries on the ACL. d (delete) Remove files and subdirectories from the directory or move them to other directories. i (insert) Add files or subdirectories to the directory by copying, moving or creating. k (lock) Set read locks or write locks on the files in the directory. l (lookup) List the files and subdirectories in the directory, stat the directory itself, and issue the fs listacl command to examine the directory's ACL. r (read) Read the contents of files in the directory; issue the "ls -l" command to stat the elements in the directory. w (write) Modify the contents of files in the directory, and issue the UNIX chmod command to change their mode bits A, B, C, D, E, F, G, H Have no default meaning to the AFS server processes, but are made available for applications to use in controlling access to the directory's contents in additional ways. The letters must be uppercase. For DFS files and directories, the permissions are similar, except that the DFS "x" (execute) permission replaces the AFS "l" (lookup) permission, DFS "c" (control) replaces AFS "a" (administer), and there is no DFS equivalent to the AFS "k" (lock) permission. The meanings of the various permissions also differ slightly, and DFS does not implement negative permissions. For a complete description of DFS permissions, see the DFS documentation. EXAMPLES The following command displays the ACL on the home directory of the user "pat" (the current working directory), and on its "private" subdirectory. % fs listacl -path . private Access list for . is Normal rights: system:authuser rl pat rlidwka pat:friends rlid Negative rights: smith rlidwka Access list for private is Normal rights: pat rlidwka The following command generates the fs setacl command required to recreate the ACL on the home directory of the user "pat" (the current working directory), and on its "private" subdirectory. % fs listacl -path . private -cmd fs setacl -dir . -acl system:authuser rl pat rlidwka pat:friends rlid fs setacl -dir . -acl smith rlidwka -negative fs setacl -dir private -acl pat rlidwka PRIVILEGE REQUIRED If the -path argument names an AFS directory, the issuer must have the "l" (lookup) permission on its ACL and the ACL for every directory that precedes it in the pathname. If the -path argument names an AFS file, the issuer must have the "l" (lookup) and "r" (read) permissions on the ACL of the file's directory, and the l permission on the ACL of each directory that precedes it in the pathname. If the -path argument names a DFS directory or file, the issuer must have the "x" (execute) permission on its ACL and on the ACL of each directory that precedes it in the pathname. SEE ALSO fs_cleanacl(1), fs_copyacl(1), fs_setacl(1) COPYRIGHT IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. OpenAFS 2012-03-26 FS_LISTACL(1)