Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: AIX not following permission rules on group
Operating Systems AIX AIX not following permission rules on group Post 302891607 by J-Man on Thursday 6th of March 2014 05:51:50 PM
Old 03-06-2014
Thanks everyone the issue is fixed. I removed three secondary groups from pcadmin and the file access resumed.

Cause was the NFS hard limit of 16 groups.
Quote:
If you use NFS, make sure you don't use more than 16 groups/user, this is a hard NFS limit. If you use NFS and have more than 16 groups/user you will end up with too few permissions on files (truncation after 16 groups) which can also mean people who should not be able to access files can access them, which may be a security problem.
This User Gave Thanks to J-Man For This Post:
rbatte1
 

10 More Discussions You Might Find Interesting

1. AIX

Group permission not working

Please forgive me, but I am not a Unix expert. I'm supporting SAP r/3 and we are trying to run an external command from SAP to read a file at the unix level. When we perform the more command on the following two files, we are succesful in reading the bws file, but unsucessful in reading the bws1... (13 Replies)
Discussion started by: bbauerle
13 Replies

2. UNIX for Dummies Questions & Answers

group permission

I have an executable that had permissions set to 700. I changed this to 770 and added a user to the group in an attempt to allow that userds to run the file. Obviously this didnt work or I wouldnt be here. Do I need to cause the group file to be re-read and if so how, or am I misunderstanding... (6 Replies)
Discussion started by: thumper
6 Replies

3. Shell Programming and Scripting

permission, owner and group

hello I search a script (ksh for Aix 5.3) to save all permissions, groups and owner for all files. Because we work much to change it, and a mystake ......! So i want execute this script to save/ execute permissions for all files. If you have this script, thank you for your help ;) best... (2 Replies)
Discussion started by: pascalbout
2 Replies

4. UNIX for Dummies Questions & Answers

how to add permission of directory to a group

Hi, A simple and silly question on Unix. I have a directory named "a" and I would like to grant permission to group name "text" to access, read and execute my directory. Could anyone help me? Thanks. (2 Replies)
Discussion started by: ahjiefreak
2 Replies

5. UNIX for Dummies Questions & Answers

Inherit Group File Permission

In our file system, the SGID for a directory is set right now. Any new files created in this directory will automatically be assigned the same group from the parent directory. Is there a way to inherit the file permission from the parent directory as well? The OS is Solaris 2.8. Example:... (1 Reply)
Discussion started by: april
1 Replies

6. Shell Programming and Scripting

Find all files with group read OR group write OR user write permission

I need to find all the files that have group Read or Write permission or files that have user write permission. This is what I have so far: find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}' It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies

7. UNIX for Dummies Questions & Answers

Need to remove Group write permission .

How would i write a command that can find all the objects under the etc directory that have group write permission enabled and have not been accessed in the last X days. This is what i got from internet souce but i m not able to modify it according to my distribution. find /etc -perm... (1 Reply)
Discussion started by: pinga123
1 Replies

8. Solaris

Can't sudo Using Group Permission

All: I'm having a problem with sudo on Solaris 5.10 that is giving me fits (and BTW, I'm a Linux admin by trade...). The issue is that I have a number of users (myself included) that cannot sudo to root to complete user admin tasks. Assuming the user is jdoe, and the group with the elevated... (3 Replies)
Discussion started by: rjlohman
3 Replies

9. Solaris

Solaris group ID permission drwxrwS--x

why is the group id in capital S and not lowercase s ? I have a directory with the following permissions: drwxrws--x when I remove the group id and add it again with g+s or chmod 2765 , it displays the group ID in capital "S" instead of lowercase "s" tried to find this out on Google, but... (2 Replies)
Discussion started by: misterx12345
2 Replies

10. UNIX for Dummies Questions & Answers

How to create a Group with rwx permission?

I want to create a GROUP with rwx permission. Also, I want to create a GROUP with root privileges, so that next time i create a user, I just need to add it to any of the groups and privileges automatically applied. please help. Thanks, Shouvanik (4 Replies)
Discussion started by: shouvanik
4 Replies

LEARN ABOUT DEBIAN

nfs_selinux

nfs_selinux(8)						 NFS SELinux Policy documentation					    nfs_selinux(8)

NAME

       nfs_selinux - Security Enhanced Linux Policy for NFS

DESCRIPTION

       Security Enhanced Linux secures the NFS server via flexible mandatory access control.

BOOLEANS

       SELinux	policy	is customizable based on the least level of access required. SELinux can be configured to not allow NFS to share files. If
       you want to share NFS partitions, and only allow read-only access to those NFS partitions, turn the nfs_export_all_ro boolean on:

       setsebool -P nfs_export_all_ro 1

       If you want to share files read/write you must set the nfs_export_all_rw boolean.

       setsebool -P nfs_export_all_rw 1

       These booleans are not required when files to be shared are labeled with the public_content_t or public_content_rw_t types. NFS	can  share
       files labeled with the public_content_t or public_content_rw_t types even if the nfs_export_all_ro and nfs_export_all_rw booleans are off.

       If you want to use a remote NFS server for the home directories on this machine, you must set the use_nfs_home_dirs boolean:

       setsebool -P use_nfs_home_dirs 1

       system-config-selinux is a GUI tool available to customize SELinux policy settings.

AUTHOR

       This manual page was written by Dan Walsh <dwalsh@redhat.com>.

SEE ALSO

       selinux(8), chcon(1), setsebool(8)

dwalsh@redhat.com						    9 Feb 2009							    nfs_selinux(8)
All times are GMT -4. The time now is 11:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy