Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Restrict user access
Operating Systems Linux Red Hat Restrict user access Post 302583395 by verdepollo on Tuesday 20th of December 2011 10:33:10 AM
Old 12-20-2011
Before you can assign an ACL, you have to make sure that the filesystem supports them:
Code:
tune2fs -l /dev/sdX/ | grep options

If you run mount you may also get the details. There should be an "acl" option somewhere in the mount options.

If it does not support ACLs, you can always remount the filesystem:

Code:
mount -o remount,acl /usr/sap

Having said so, your ACL command is almost correct:
Code:
setfacl -m d:u:ZODCIFUSR:r /usr/sap

When an ACLs (POSIX ACL) is set on a directory, all new files created inside inherit the default ACL. If for some reason you want to copy a file that has an ACL to a directory that does not use ACLs, both cp -p and mv will preserve the original ACL.
Last edited by verdepollo; 12-20-2011 at 04:59 PM..
This User Gave Thanks to verdepollo For This Post:
hedkandi
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

restrict tcp-port access

Hi Is there any way to restrict the TCP-IP port usage. I want to restrict TCP-IP port 1500/1550 to the oracle osuser. Tanks in advance. Remi (2 Replies)
Discussion started by: remivisser
2 Replies

2. HP-UX

How to restrict a user group to access the kernel

Hi, Please any one can help me to know that how we can restrict a user group to access the kernel at all. (0 Replies)
Discussion started by: harishankar
0 Replies

3. Red Hat

restrict access of a user to two directories only

Hi all, I am using RHEL 5.0 I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory. I do not want to change his login shell which is ksh or bash by default. Moreover, he should not even have read access of other directories. ... (10 Replies)
Discussion started by: vikas027
10 Replies

4. UNIX for Advanced & Expert Users

Restrict FTP access to a single directory for only one user.

Hi All, It will be very great if you can help me in this issue. Thanks in advance. I need to enable FTP on a solaris9 server. I need to create a new user some "xxxxxx" and he can only FTP the files to and from between /tftpboot directory and network devices. Other users should not... (8 Replies)
Discussion started by: santhoshkumar_d
8 Replies

5. UNIX for Dummies Questions & Answers

Restrict user access to their home dir

Hi! i'm using FreeBSD 6.2 and hosting my pc to frens in particular of sensitive information being saved to the PC, i would like to know is it possible for me to restrict user access to their /home dir. only? and also, i wanted to restrict them listing files under /etc thanks all! (10 Replies)
Discussion started by: rdns
10 Replies

6. UNIX for Advanced & Expert Users

Restrict access to specific users.

Hi All! I would like to know if there is any specific way by which I can restrict access to apecific users (ip addresses). OS : Red hat linux Thanks! nua7 (6 Replies)
Discussion started by: nua7
6 Replies

7. UNIX for Advanced & Expert Users

Restrict Access to the folder

Hi I have requirement to create 3 new users on my server but to restrict their access to a set of particular folders. /export/home/kapil/shared, /export/home/kapil/shared/Folder1 /export/home/kapil/shared/Folder2 These folders should be accessible to all the 3 users and to me too.... (1 Reply)
Discussion started by: kapilk
1 Replies

8. UNIX for Dummies Questions & Answers

Restrict user access.

Hi All, How can we restrict a particular user access to a particular shell in solaris 10. Thanks in Advance. (5 Replies)
Discussion started by: rama krishna
5 Replies

9. Ubuntu

Restrict SUDO Access

Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux Hi Folks, Please help me. I am bit struck here. Here is the OS info. Linux ubuntu 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:56:25 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux I have a... (17 Replies)
Discussion started by: explorer007
17 Replies

10. UNIX for Dummies Questions & Answers

Restrict access

I'm trying to use squid to restrict elinks' access to certain websites(only http traffic). I have tried some configs in squid.conf but no luck. Hope someone has a bit of time to explain me how can you make these config's :) ---------- Post updated at 05:40 PM ---------- Previous update was at... (1 Reply)
Discussion started by: Birnbacher
1 Replies

LEARN ABOUT FREEBSD

getfacl

GETFACL(1)						    BSD General Commands Manual 						GETFACL(1)

NAME

     getfacl -- get ACL information

SYNOPSIS

     getfacl [-dhinqv] [file ...]

DESCRIPTION

     The getfacl utility writes discretionary access control information associated with the specified file(s) to standard output.  If the
     getconf(1) utility indicates that {_POSIX_ACL_EXTENDED} is not in effect for a file then the standard discretionary access permissions are
     interpreted as an ACL containing only the required ACL entries.

     The following option is available:

     -d      The operation applies to the default ACL of a directory instead of the access ACL.  An error is generated if a default ACL cannot be
	     associated with file.  This option is not valid for NFSv4 ACLs.

     -h      If the target of the operation is a symbolic link, return the ACL from the symbolic link itself rather than following the link.

     -i      For NFSv4 ACLs, append numerical ID at the end of each entry containing user or group name.  Ignored for POSIX.1e ACLs.

     -n      Display user and group IDs numerically rather than converting to a user or group name.  Ignored for POSIX.1e ACLs.

     -q      Do not write commented information about file name and ownership.	This is useful when dealing with filenames with unprintable char-
	     acters.

     -v      For NFSv4 ACLs, display access mask and flags in a verbose form.  Ignored for POSIX.1e ACLs.

     The following operand is available:

     file    A pathname of a file whose ACL shall be retrieved.  If file is not specified, or a file is specified as -, then getfacl reads a list
	     of pathnames, each terminated by one newline character, from the standard input.

     For an explanation of the ACL syntax, see the setfacl(1) manual page.

EXIT STATUS

     The getfacl utility exits 0 on success, and >0 if an error occurs.

EXAMPLES

	   getfacl /

     Retrieve ACL for the directory /.

	   getfacl -d /

     Retrieve the default ACL for the directory /, if any.

SEE ALSO

     setfacl(1), acl(3), getextattr(8), setextattr(8), acl(9), extattr(9)

STANDARDS

     The getfacl utility is expected to be IEEE Std 1003.2c compliant.

HISTORY

     Extended Attribute and Access Control List support was developed as part of the TrustedBSD Project and introduced in FreeBSD 5.0.

AUTHORS

     Robert N M Watson

BSD
								 September 4, 2009							       BSD
All times are GMT -4. The time now is 11:35 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy