Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Special group & user privileges
Top Forums Shell Programming and Scripting Special group & user privileges Post 302467328 by Scrutinizer on Friday 29th of October 2010 03:10:32 AM
Old 10-29-2010
Technically you could deny access to a group using the standard user/group mechanism and give access to everybody else.
Code:
chown root file
chgrp banned file
chmod g=- o+w file

But you probably do not want to do this, since it is highly insecure.
But what do you need the group "banned" for? If for example you control access with a group "allowed" and disallow these rights to other then everyone who is not a member is automatically banned.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Root privileges &Sudoer

Hi guys... how can a root assign a user all or most of the root privileges? is sudoer comand enough 4 this? thx alot.. (2 Replies)
Discussion started by: blue_7
2 Replies

2. UNIX for Advanced & Expert Users

Can't use sendmail ( Program mode requires special privileges)

I just updated sendmail to the newest version and got into this trouble. Somehow only can root can use sendmail while the other users will simply get "SMTP went away" when using pine or "can not chdir(/var/spool/mqueue/): Permission denied Program mode requires special privileges, e.g., root... (1 Reply)
Discussion started by: Micz
1 Replies

3. UNIX for Dummies Questions & Answers

group & user permission question

Folks; I'd like to create a group on my Linux box & add a few users to it. Is there a way to do so and restrict this group/users to have access to only one or directory trees? Let's say i need this group to only have a read write access to only these two directories /opt/Virtu & /fsn/comers ... (10 Replies)
Discussion started by: Katkota
10 Replies

4. UNIX for Dummies Questions & Answers

user & group read/write access question

folks; I created a new users on my SUSE box and i need to give this user/group a read write access to one specific folder. here's the details: - I created new user "funny" under group "users". - I need to give this user "funny" a read/write access to another directory that is owned by "root".... (3 Replies)
Discussion started by: Katkota
3 Replies

5. Shell Programming and Scripting

How can i copy user permissions(privileges) to a group

Hey there I have a problem and i was hoping that you guys could help me out I want to copy a user privileges to a group and i need to copy all privileges(Recursively) every directory with all its sub directories and I tried some solution and it did not work. I used the following command:- ... (14 Replies)
Discussion started by: The Dark Knight
14 Replies

6. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01... (0 Replies)
Discussion started by: fspalero
0 Replies

7. Shell Programming and Scripting

New To UNIX - Need Script to create report of user & group accounts

Hi, I'm new to the world of UNIX and have been asked to create a complex script (at least complex to me:confused:) for AIX UNIX to create a report of all the users on the server including server, user, UID, groups, GID, etc. Found a script using lsuser, but the output is still lacking. 2 things I... (2 Replies)
Discussion started by: panthur
2 Replies

8. Solaris

Sudo Privileges & Sudoers Group

I'm looking for some suggestions to accomplish what a specific user needs, without adding them to the "sudoers" group. I have X user, that is requesting to be able to change file permissions on items owned by others and search directories where X user doesn't have access. I'm open to any... (2 Replies)
Discussion started by: Nvizn
2 Replies

9. Red Hat

User is a Part of a Group But Group Details Do Not Show the User

Hi, In the following output you can see the the user "richard" is a member on the team/group "developers": # id richard uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers) but in the following details of the said group (developers), the said user... (3 Replies)
Discussion started by: indiansoil
3 Replies

10. AIX

UID & GID instead of user name and group name

Hi Everyone, We are encountering the following issue on AIX 5.3. When we do ls -ltr the list displays only user id and group id instead of user name and group name. This is happening for all users except root. Whe we do ls -ltr with root user it shows perfectly fine. When we searched... (25 Replies)
Discussion started by: madhav.kunapa
25 Replies

LEARN ABOUT HPUX

setprivgrp

setprivgrp(1M)															    setprivgrp(1M)

NAME

       setprivgrp - set special privileges for groups

SYNOPSIS

       groupname [privileges]

       [privileges]

       [privileges]

       file

DESCRIPTION

       The  command associates a group with a list of privileges, thus providing access to certain system capabilities for members of a particular
       group or groups.  The privileges can be displayed with the command (see getprivgrp(1)).

       Privileges can be granted to individual groups, as defined in the file, and globally for all groups.

       Only a superuser can use the command.

   Options and Arguments
       recognizes the following options and arguments:

	      privileges     One or more of the keywords described below in

	      groupname      The name of a group defined in the file named The current privileges for groupname, if any, are replaced by the spec-
			     ified privileges.	To retain prior privileges, they must be respecified.

	      Specify global privileges that apply to all groups.
			     The  current  privileges,	if any, are replaced by the specified privileges, To retain prior privileges, they must be
			     respecified.

	      If no	     privileges are specified, delete all privileges for all groups, including global privileges.

			     If one or more privileges are specified, delete the specified privileges from the	current  privilege  lists  of  all
			     groups, including the global privilege list, but do not delete unspecified privileges.

	      Set the privileges according to entries in the file
			     file.  This file is usually The entry formats are described below in

   Privileged Capabilities
       The following system capabilities can be granted to groups:

	      Can use	     to change file ownerships (see chown(2)).

	      Can use	     to set locks on files that are open for reading only (see lockf(2)).

	      Can use	     to  lock  process	text  and data into memory, and the function to lock shared memory segments (see plock(2) and shm-
			     ctl(2)).

	      Can use	     to set real-time priorities (see rtprio(2)).

	      Can use	     and to set POSIX.4 real-time priorities (see rtsched(2)).

	      Can use	     to force the target process to run serially with other processes that are also marked by this system call (see  seri-
			     alize(2)).

	      Can use	     and to change, respectively, the real user ID and real group ID of a process (see setuid(2) and setgid(2)).

	      Allows certain administrative operations in the Process
			     Resource Manager (PRM) product.  See that product's documentation for more information.

	      Allows certain administrative operations in the Instant
			     Capacity (iCAP) product.  See that product's documentation for more information.

	      Can change system pset configuration (see
			     pset_create(2)).

	      Can use	     to change processor binding, locality domain binding or launch policy of a process (see mpctl(2)).

   Group Privileges File Format
       The file specified with the option should contain one or more lines in the following formats:

	      groupname [privileges]

	       [privileges]

	       [privileges]

       They are described above in "Options and Arguments".

RETURN VALUE

       exits with one of the following values:

	      Successful completion.
	      Failure.

AUTHOR

       was developed by HP.

FILES

       SEE ALSO
	      getprivgrp(1),  chown(2),  getprivgrp(2),  lockf(2), plock(2), rtprio(2), rtsched(2), serialize(2), setgid(2), setuid(2), shmctl(2),
	      mpctl(2), pset_create(2), privgrp(4).

																    setprivgrp(1M)
All times are GMT -4. The time now is 05:07 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy