10-04-2010
How to remove group write bit?
I know this may sound little incomplete but this is what i read on some linux hardening guide.I dont have any clue on how to remove group's write bit.
I m posting the exact sentence of the hardening guide.
Quote:
The group write bit should removed from all system files that do not explicitly require it to be enabled
What all system files to be taken care of?
---------- Post updated 10-04-10 at 12:39 AM ---------- Previous update was 10-03-10 at 11:40 PM ----------
My distribution details
Quote:
# lsb_release -a
LSB Version: :core-3.1-ia32:core-3.1-noarch:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: OracleVMserver
Description: Oracle VM server release 2.2.0
Release: 2.2.0
Codename: n/a
Quote:
# uname -a
Linux OFSMUW-VS-61 2.6.18-128.2.1.4.9.el5xen #1 SMP Fri Oct 9 14:57:31 EDT 2009 i686 i686 i386 GNU/Linux
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Whenever I create a new file the group name is "dnn" and the file permissions are "-rw-r--r--".
How do I get it so when I create files (with vi or other programs) that the default group is "sss" and the permissions are 770?
(I am running HP-UNIX)
Thanks,
GoldFish (2 Replies)
Discussion started by: goldfish
2 Replies
2. UNIX for Dummies Questions & Answers
folks;
I created a new users on my SUSE box and i need to give this user/group a read write access to one specific folder. here's the details:
- I created new user "funny" under group "users".
- I need to give this user "funny" a read/write access to another directory that is owned by "root".... (3 Replies)
Discussion started by: Katkota
3 Replies
3. Shell Programming and Scripting
i have some 350 files in a dir: i want to remove them in one shot,
ls -ltr | grep 'Sep 15' | head -350
the above command gives me those 350 files i need to remove them,how to implement remove logic here in this command?
i can get those 350 files using the above command only and therefore... (6 Replies)
Discussion started by: ali560045
6 Replies
4. Solaris
Hi,
Wanted to remove a user from a group , but no GUI , must use command line (2 Replies)
Discussion started by: civic2005
2 Replies
5. Shell Programming and Scripting
I need to find all the files that have group Read or Write permission or files that have user write permission.
This is what I have so far:
find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}'
It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies
6. UNIX for Dummies Questions & Answers
How would i write a command that can find all the objects under the etc directory that have group write permission enabled and have not been accessed in the last X days.
This is what i got from internet souce but i m not able to modify it according to my distribution.
find /etc -perm... (1 Reply)
Discussion started by: pinga123
1 Replies
7. Shell Programming and Scripting
hi buddies;
rollbackip.txt:10.14.3.65 2
10.14.3.65 3
...
lookup.txt:
...
10.14.3.65 2 10.14.5.55 1 55 10.14.6.66 1 66
10.14.3.65 3 10.14.7.77 3 77 10.14.8.88 2 88 10.14.9.99 4 99
...
ip-port.txt
...
port111 3 10.14.5.55 57
port111 2 10.14.5.55 51
port111 1 10.14.5.55 59 ->... (7 Replies)
Discussion started by: gc_sw
7 Replies
8. Red Hat
Hi,
I have a 64-bit RHEL 5.5. In order to make a particular product work I want to uninstall some rpms which is specific to 64 bit. Wondering if anyone has a way how to remove the 64-bit rpm without disturbing the i386 rpms.
What I find when I googled is all are removing forcefully, but... (2 Replies)
Discussion started by: dbashyam
2 Replies
9. Shell Programming and Scripting
Hi,
How can I remove duplicates from a file based on group on other column? for example:
Test1|Test2|Test3|Test4|Test5
Test1|Test6|Test7|Test8|Test5
Test1|Test9|Test10|Test11|Test12
Test1|Test13|Test14|Test15|Test16
Test17|Test18|Test19|Test20|Test21
Test17|Test22|Test23|Test24|Test5
... (2 Replies)
Discussion started by: yale_work
2 Replies
10. UNIX for Dummies Questions & Answers
Oracle Linux 6.6
grid user's secondary groups are asmadmin,asmdba,asmoper and dba
# id -a grid
uid=638(grid) gid=2000(oinstall) groups=2000(oinstall),2100(asmadmin),2200(dba),2300(asmdba),2301(asmoper)
I want to remove dba as the secondary group for grid and keep the remaining ones.
ie. I... (5 Replies)
Discussion started by: John K
5 Replies
LEARN ABOUT SUSE
lsb_release
FSG(1) FSG FSG(1)
NAME
FSG - manual page for FSG lsb_release v2.0-SuSE
SYNOPSIS
lsb_release [OPTION]...
DESCRIPTION
FSG lsb_release v2.0-SuSE prints certain LSB (Linux Standard Base) and Distribution information.
With no OPTION specified defaults to -v.
OPTIONS
-v, --version
Display the version of the LSB specification against which the distribution is compliant.
-i, --id
Display the string id of the distributor.
-d, --description
Display the single line text description of the distribution.
-r, --release
Display the release number of the distribution.
-c, --codename
Display the codename according to the distribution release.
-a, --all
Display all of the above information.
-s, --short
Use short output format for information requested by other options (or version if none).
-h, --help
Display this message.
FILES
If the installation is LSB compliant, the "/etc/lsb-release" file should contain the LSB_VERSION field. The value of the field should be a
colon separated list of supported module versions indicating the LSB specification modules to which the installation is compliant. If the
installation is not compliant, the above field should not be present.
Optional fields are DISTRIB_ID, DISTRIB_RELEASE, DISTRIB_CODENAME, DISTRIB_DESCRIPTION and can be used to override information which is
parsed from the "/etc/distrib-release" file.
If the "/etc/lsb-release.d" directory exists, it is searched for filenames which are taken as additional module-version strings to add to
LSB_VERSION.
The "/etc/distrib-release" file contains a description line which is parsed to get information (especially on currently non-LSB compliant
systems).
The required line style is:
"Distributor release x.x (Codename)"
Where Distributor can be a couple of words, but then concatenated (i.e. Linux Foo BarLinux Linux -> FooBarLinux),
x.x starts with a digit followed by any non-blank characters, Codename will also be concatenated (blanks cleanup only).
release may not be used as a keyword in DISTRIB_DESCRIPTION if you don't want to override "/etc/distrib-release" data.
Notice: To support the Debian distributions' lack of information (see "/etc/debian_version" file) some have been directly added into the
lsb_release script.
EXAMPLES
If the "/etc/lsb-release" file contains:
LSB_VERSION="core-2.0-ia64:core-2.0-noarch"
DISTRIB_DESCRIPTION="I enjoy using my distrib"
and the "/etc/lsb-release.d" directory contains:
graphics-2.0-ia64 graphics-2.0-noarch
and the "/etc/foobar-release" file contains:
My Linux Distrib release 1.0RC4 (TryIt)
Then the results of various options will be:
$ ./lsb_release --all
LSB Version: core-2.0-ia64:core-2.0-noarch:graphics-2.0-ia64:graphics-2.0-noarch
Distributor ID: MyDistrib
Description: I enjoy using my distrib
Release: 1.0RC4
Codename: TryIt
$ ./lsb_release -a -s
1.0 MyDistrib "I enjoy using my distrib" 1.0RC4 TryIt
If the "/etc/lsb-release" file is absent (indicating this is not an LSB compliant distribution), the result will be:
$ ./lsb_release -a
LSB Version: n/a
Distributor ID: MyDistrib
Description: My Linux Distrib release 1.0RC4 (TryIt)
Release: 1.0RC4
Codename: TryIt
REPORTING BUGS
Report bugs at http://bugs.linuxbase.org. Please include a complete, self contained example that will allow the bug to be reproduced, and
say which version of lsb_release you are using.
COPYRIGHT
Copyright (C) 2000, 2002, 2004 Free Standards Group, Inc.
This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICU-
LAR PURPOSE.
Originally written by Dominique MASSONIE.
FSG lsb_release v2.0-SuSE July 2010 FSG(1)