Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Special group & user privileges
Top Forums Shell Programming and Scripting Special group & user privileges Post 302467262 by LibRid on Thursday 28th of October 2010 07:52:44 PM
Old 10-28-2010
Alright thank you Scrutinizer and agn.

I will list below the current script; however, I've encountered my last problem.

-I want to make the group BANNED, have no access to the files with .log extension
-I want to make the group WRITEABLE, have write access to the files with .log extension

How can I do that if a file can only be assigned to one group?
I've already assigned the group BANNED to the .log files already, so now i'm stuck with the WRITEABLE group and how I can also assign the group to .log files with BANNED group.

Here is my current script
Code:
  #Input of new users
echo "Please enter new username"
echo "User 1..."
read newUser1
echo "User 2..."
read newUser2
echo "User 3..."
read newUser3
echo "User 4..."
read newUser4
echo "User 5..."
read newUser5

#Input of new groups
echo "Please enter name of group one"
read group1
echo "Please enter name of group two"
read group2


#creates 2 groups
sudo groupadd $group1
sudo groupadd $group2

#creates first 3 users and adds them to group 1
echo "Assigning users: $newUser1, $newUser2, $newUser3, to group $group1"
sudo useradd -m -s /bin/bash -G $group1 $newUser1
sudo useradd -m -s /bin/bash -G $group1 $newUser2
sudo useradd -m -s /bin/bash -G $group1 $newUser3

#creates last 2 users and adds them to group 2
echo "Assigning users: $newUser4, $newUser5, to group $group2"
sudo useradd -m -s /bin/bash -G $group2 $newUser4
sudo useradd -m -s /bin/bash -G $group2 $newUser5

#creates an extra two groups for BANNED and WRITE-able users
sudo groupadd banned
sudo groupadd writeable

#applies group privileges
sudo chgrp $group1 *.dat
sudo chmod 774 *.dat
sudo chgrp $group2 config*
sudo chmod 774 config*
sudo usermod -G banned $newUser2
sudo usermod -G banned $newUser4
sudo chgrp banned *.log
sudo chmod 704 *.log
sudo usermod -G writeable $newUser3
sudo usermod -G writeable $newUser5 #hm, how can I add the group writeable to *.log, when group banned is already assigned? And how can I give them special permissions?



#applies user privileges
chown $newUser1 *.txt
chmod 771 *.txt

---------- Post updated at 07:52 PM ---------- Previous update was at 07:18 PM ----------

Oh! One way this could be done is just chmod the .log files. Where X= whatever
Code:
 chmod xx2

However this would be for everyone else, not just the other users or users in WRITEABLE group.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Root privileges &Sudoer

Hi guys... how can a root assign a user all or most of the root privileges? is sudoer comand enough 4 this? thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies

2. UNIX for Advanced & Expert Users

Can't use sendmail ( Program mode requires special privileges)

I just updated sendmail to the newest version and got into this trouble. Somehow only can root can use sendmail while the other users will simply get "SMTP went away" when using pine or "can not chdir(/var/spool/mqueue/): Permission denied Program mode requires special privileges, e.g., root... (1 Reply)
Discussion started by: Micz
1 Replies

3. UNIX for Dummies Questions & Answers

group & user permission question

Folks; I'd like to create a group on my Linux box & add a few users to it. Is there a way to do so and restrict this group/users to have access to only one or directory trees? Let's say i need this group to only have a read write access to only these two directories /opt/Virtu & /fsn/comers ... (10 Replies)
Discussion started by: Katkota
10 Replies

4. UNIX for Dummies Questions & Answers

user & group read/write access question

folks; I created a new users on my SUSE box and i need to give this user/group a read write access to one specific folder. here's the details: - I created new user "funny" under group "users". - I need to give this user "funny" a read/write access to another directory that is owned by "root".... (3 Replies)
Discussion started by: Katkota
3 Replies

5. Shell Programming and Scripting

How can i copy user permissions(privileges) to a group

Hey there I have a problem and i was hoping that you guys could help me out I want to copy a user privileges to a group and i need to copy all privileges(Recursively) every directory with all its sub directories and I tried some solution and it did not work. I used the following command:- ... (14 Replies)
Discussion started by: The Dark Knight
14 Replies

6. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies

7. Shell Programming and Scripting

New To UNIX - Need Script to create report of user & group accounts

Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc. Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies

8. Solaris

Sudo Privileges & Sudoers Group

I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies

9. Red Hat

User is a Part of a Group But Group Details Do Not Show the User

Hi, In the following output you can see the the user "richard" is a member on the team/group "developers": # id richard uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers) but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies

10. AIX

UID & GID instead of user name and group name

Hi Everyone, We are encountering the following issue on AIX 5.3. When we do ls -ltr the list displays only user id and group id instead of user name and group name. This is happening for all users except root. Whe we do ls -ltr with root user it shows perfectly fine. When we searched... (25 Replies)
Discussion started by: madhav.kunapa
25 Replies

LEARN ABOUT HPUX

setresuid

setresuid(2)							System Calls Manual						      setresuid(2)

NAME

       setresuid, setresgid - set real, effective, and saved user and group IDs

SYNOPSIS

DESCRIPTION

       sets the real, effective and/or saved user ID of the calling process.

       If  the	current  real,	effective  or saved user ID is equal to that of a user having appropriate privileges, sets the real, effective and
       saved user IDs to ruid, euid, and suid, respectively.  Otherwise, only sets the real, effective, and saved user IDs if ruid, euid, and suid
       each match at least one of the current real, effective, or saved user IDs.

       If ruid, euid, or suid is leaves the current real, effective or saved user ID unchanged.

       sets the real, effective and/or saved group ID of the calling process.

       If  the	current  real,	effective or saved user ID is equal to that of a user having appropriate privileges, sets the real, effective, and
       saved group ID to rgid, egid, and sgid, respectively.  Otherwise, only sets the real, effective and saved group ID if rgid, egid, and  sgid
       each match at least one of the current real, effective or saved group ID.

       If rgid, egid, or sgid is leaves the current real, effective or saved group ID unchanged.

   Security Restrictions
       Some  or  all  of  the actions associated with this system call require the privilege (CHSUBJIDENT).  Processes owned by the superuser will
       have this privilege.  Processes owned by other users may have this privilege, depending on system configuration.

       See privileges(5) for more information about privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, and return 0; otherwise, they return -1 and set to indicate the error.

ERRORS

       and fail if any of the following conditions are encountered:

	      ruid,	     euid, or suid (rgid, egid, or sgid) is not a valid user (group) ID.

	      None of the conditions above are met.

AUTHOR

       and were developed by HP.

SEE ALSO

       exec(2), getuid(2), setuid(2), privileges(5).

																      setresuid(2)
All times are GMT -4. The time now is 11:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy