I have an application user on my system that wants accesses to these file systems as such:
rwx:
/SAPO
/SAPS12
/R3_888
/R3_888B
/R3_888F
/R3_888R
r:
/usr/sap
these are the existing FS permissionswnerships:
Code:
[root@H99A100 ~]# ls -ld /SAPO
drwxrwxr-x 64 ZODCIFUSR ODCgrp 12288 Nov 25 11:02 /SAPO
[root@H99A100 ~]# ls -ld /SAPS12
drwxrwxr-x 5 s12adm ODCgrp 4096 Nov 7 13:49 /SAPS12
[root@H99A100 ~]# ls -ld /R3_888
drwxrwxr-x 129 s12adm ODCgrp 4096 Nov 10 09:56 /R3_888
[root@H99A100 ~]# ls -ld /R3_888B
drwxrwxr-x 31 s12adm ODCgrp 4096 Nov 7 15:03 /R3_888B
[root@H99A100 ~]# ls -ld /R3_888F
drwxrwxr-x 43 s12adm ODCgrp 4096 Nov 21 17:16 /R3_888F
[root@H99A100 ~]# ls -ld /R3_888R
drwxrwxr-x 4 s12adm ODCgrp 4096 Nov 7 15:03 /R3_888R
[root@H99A100 ~]# ls -ld /usr/sap
drwxrwxr-x 5 s12adm sapsys 4096 Oct 25 22:16 /usr/sap
the user:
Code:
[root@H99A100 ~]# id ZODCIFUSR
uid=2020(ZODCIFUSR) gid=200(ODCgrp) groups=200(ODCgrp),0(root) context=root:system_r:unconfined_t:SystemLow-SystemHigh
so how do i go by providing user ZODCIFUSR access to the file systems stated above without setting ACLs on the system? (or is ACLs the only way to do it?)
right now, he's in group 0, so he can pretty much access all the FS but this is just a temp workaround
I was thinking of adding the user to supplementary groups on which the FS are grouped (i.e. sapsys, ODCgrp)
please help, if ACLs is the way to do it, please let me know because i am not very good with the commands
Hi
Is there any way to restrict the TCP-IP port usage.
I want to restrict TCP-IP port 1500/1550 to the oracle osuser.
Tanks in advance.
Remi (2 Replies)
Hi all,
I am using RHEL 5.0
I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory.
I do not want to change his login shell which is ksh or bash by default.
Moreover, he should not even have read access of other directories.
... (10 Replies)
Hi All,
It will be very great if you can help me in this issue. Thanks in advance.
I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Hi!
i'm using FreeBSD 6.2 and hosting my pc to frens
in particular of sensitive information being saved to the PC, i would like to know is it possible for me to restrict user access to their /home dir. only?
and also, i wanted to restrict them listing files under /etc
thanks all! (10 Replies)
Hi All!
I would like to know if there is any specific way by which I can restrict access to apecific users (ip addresses).
OS : Red hat linux
Thanks!
nua7 (6 Replies)
Hi
I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders.
/export/home/kapil/shared,
/export/home/kapil/shared/Folder1
/export/home/kapil/shared/Folder2
These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Hi Folks,
Please help me. I am bit struck here.
Here is the OS info.
Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
I have a... (17 Replies)
I'm trying to use squid to restrict elinks' access to certain websites(only http traffic).
I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :)
---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies
LEARN ABOUT SUNOS
systemd-volatile-root.service
SYSTEMD-VOLATILE-ROOT.SERVICE(8) systemd-volatile-root.service SYSTEMD-VOLATILE-ROOT.SERVICE(8)NAME
systemd-volatile-root.service, systemd-volatile-root - Make the root file system volatile
SYNOPSIS
systemd-volatile-root.service
/lib/systemd/systemd-volatile-root
DESCRIPTION
systemd-volatile-root.service is a service that replaces the root directory with a volatile memory file system ("tmpfs"), mounting the
original (non-volatile) /usr inside it read-only. This way, vendor data from /usr is available as usual, but all configuration data in
/etc, all state data in /var and all other resources stored directly under the root directory are reset on boot and lost at shutdown,
enabling fully stateless systems.
This service is only enabled if full volatile mode is selected, for example by specifying "systemd.volatile=yes" on the kernel command
line. This service runs only in the initial RAM disk ("initrd"), before the system transitions to the host's root directory. Note that this
service is not used if "systemd.volatile=state" is used, as in that mode the root directory is non-volatile.
SEE ALSO systemd(1), systemd-fstab-generator(8), kernel-command-line(7)systemd 237SYSTEMD-VOLATILE-ROOT.SERVICE(8)