Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Special group & user privileges
Top Forums Shell Programming and Scripting Special group & user privileges Post 302467262 by LibRid on Thursday 28th of October 2010 07:52:44 PM
Old 10-28-2010
Alright thank you Scrutinizer and agn.

I will list below the current script; however, I've encountered my last problem.

-I want to make the group BANNED, have no access to the files with .log extension
-I want to make the group WRITEABLE, have write access to the files with .log extension

How can I do that if a file can only be assigned to one group?
I've already assigned the group BANNED to the .log files already, so now i'm stuck with the WRITEABLE group and how I can also assign the group to .log files with BANNED group.

Here is my current script
Code:
  #Input of new users
echo "Please enter new username"
echo "User 1..."
read newUser1
echo "User 2..."
read newUser2
echo "User 3..."
read newUser3
echo "User 4..."
read newUser4
echo "User 5..."
read newUser5

#Input of new groups
echo "Please enter name of group one"
read group1
echo "Please enter name of group two"
read group2


#creates 2 groups
sudo groupadd $group1
sudo groupadd $group2

#creates first 3 users and adds them to group 1
echo "Assigning users: $newUser1, $newUser2, $newUser3, to group $group1"
sudo useradd -m -s /bin/bash -G $group1 $newUser1
sudo useradd -m -s /bin/bash -G $group1 $newUser2
sudo useradd -m -s /bin/bash -G $group1 $newUser3

#creates last 2 users and adds them to group 2
echo "Assigning users: $newUser4, $newUser5, to group $group2"
sudo useradd -m -s /bin/bash -G $group2 $newUser4
sudo useradd -m -s /bin/bash -G $group2 $newUser5

#creates an extra two groups for BANNED and WRITE-able users
sudo groupadd banned
sudo groupadd writeable

#applies group privileges
sudo chgrp $group1 *.dat
sudo chmod 774 *.dat
sudo chgrp $group2 config*
sudo chmod 774 config*
sudo usermod -G banned $newUser2
sudo usermod -G banned $newUser4
sudo chgrp banned *.log
sudo chmod 704 *.log
sudo usermod -G writeable $newUser3
sudo usermod -G writeable $newUser5 #hm, how can I add the group writeable to *.log, when group banned is already assigned? And how can I give them special permissions?



#applies user privileges
chown $newUser1 *.txt
chmod 771 *.txt

---------- Post updated at 07:52 PM ---------- Previous update was at 07:18 PM ----------

Oh! One way this could be done is just chmod the .log files. Where X= whatever
Code:
 chmod xx2

However this would be for everyone else, not just the other users or users in WRITEABLE group.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Root privileges &Sudoer

Hi guys... how can a root assign a user all or most of the root privileges? is sudoer comand enough 4 this? thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies

2. UNIX for Advanced & Expert Users

Can't use sendmail ( Program mode requires special privileges)

I just updated sendmail to the newest version and got into this trouble. Somehow only can root can use sendmail while the other users will simply get "SMTP went away" when using pine or "can not chdir(/var/spool/mqueue/): Permission denied Program mode requires special privileges, e.g., root... (1 Reply)
Discussion started by: Micz
1 Replies

3. UNIX for Dummies Questions & Answers

group & user permission question

Folks; I'd like to create a group on my Linux box & add a few users to it. Is there a way to do so and restrict this group/users to have access to only one or directory trees? Let's say i need this group to only have a read write access to only these two directories /opt/Virtu & /fsn/comers ... (10 Replies)
Discussion started by: Katkota
10 Replies

4. UNIX for Dummies Questions & Answers

user & group read/write access question

folks; I created a new users on my SUSE box and i need to give this user/group a read write access to one specific folder. here's the details: - I created new user "funny" under group "users". - I need to give this user "funny" a read/write access to another directory that is owned by "root".... (3 Replies)
Discussion started by: Katkota
3 Replies

5. Shell Programming and Scripting

How can i copy user permissions(privileges) to a group

Hey there I have a problem and i was hoping that you guys could help me out I want to copy a user privileges to a group and i need to copy all privileges(Recursively) every directory with all its sub directories and I tried some solution and it did not work. I used the following command:- ... (14 Replies)
Discussion started by: The Dark Knight
14 Replies

6. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies

7. Shell Programming and Scripting

New To UNIX - Need Script to create report of user & group accounts

Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc. Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies

8. Solaris

Sudo Privileges & Sudoers Group

I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies

9. Red Hat

User is a Part of a Group But Group Details Do Not Show the User

Hi, In the following output you can see the the user "richard" is a member on the team/group "developers": # id richard uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers) but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies

10. AIX

UID & GID instead of user name and group name

Hi Everyone, We are encountering the following issue on AIX 5.3. When we do ls -ltr the list displays only user id and group id instead of user name and group name. This is happening for all users except root. Whe we do ls -ltr with root user it shows perfectly fine. When we searched... (25 Replies)
Discussion started by: madhav.kunapa
25 Replies

LEARN ABOUT HPUX

privgrp

privgrp(5)							File Formats Manual							privgrp(5)

NAME

       privgrp - HP-UX group privileges

DESCRIPTION

       HP-UX  allows  subletting of limited superuser-like privileges to all users or to members of a particular group or groups.  This capability
       is deprecated and only existing applications should use it.  The newer fine-grained privilege facilities described in privileges(5)  should
       be used by new applications.

       The header defines the following symbolic privilege names: and

       All  but  one of the group privileges are supported as fine-grained privileges and described in privileges(5).  The one group privilege not
       supported as a fine-grained privilege is:

	      Permits the use of the
			     and system calls for changing respectively the real user ID and real group ID of a  process  (see	setuid(2)).   This
			     behavior  of  is  deprecated  and	only legacy applications should use it.  Newer applications should use and respec-
			     tively, to achieve the same effect.  (No special privileges required.)

       The header defines two additional symbolic constants:

	      defines the maximum number of groups with special privileges.
			     Of this maximum, one is reserved for global privileges (granted to all processes) and the remainder can  be  assigned
			     to actual group IDs.

	      defines the size of the multi-word mask used
			     in defining privileges associated with a group ID.

       The and commands and the and system calls may be used to define and query the privilege group associations.

       The group privileges are automatically initialized from the contents of (see privgrp(4)) at boot time.

WARNINGS

       This mechanism is deprecated and only legacy applications should use it.  See privileges(5) for a description of fine-grained privileges.

SEE ALSO

       getprivgrp(1),  setprivgrp(1M), chown(2), getprivgrp(2), lockf(2), mpctl(2), plock(2), pset_create(2), rtprio(2), rtsched(2), serialize(2),
       setgid(2), setuid(2), shmctl(2), privgrp(4), privileges(5).

																	privgrp(5)
All times are GMT -4. The time now is 08:17 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy