12-02-2015
root is a group. Are the files in question all accessible by that group?
What you really want is something akin to
sudo,
SUDO in HP UX : A small presentation | SYSADMINSHARE.
Then simply write a script that does precisely what is requested, and only that, then create an account that cannot do much else except login and run
sudo /path/to/myscript
This way you can control what they are doing, reading only the filelystem in question and not using the root group - which has privilege.
The downside is you will have to install sudo. First. See if it looks like you can use it and are allowed to install it.
Plan B would be to create a chroot jail for that account. And only allow visibility to the mountpoint of that filesystem with readonly access. You will have to supply local copies of whatever commands you/they include in the scanning script. And not allow any write access the script. Ownership has to be other than the account you create.
Last edited by jim mcnamara; 12-02-2015 at 04:26 PM..
8 More Discussions You Might Find Interesting
1. Programming
I've written a python program where I want to allow members of a specific group the ability to kill it, and I'm not sure how to do it. I've been looking at the setuid() and setgid() and similar functions in the os module, but haven't been able to get them to work. I can't seem to change the uid or... (1 Reply)
Discussion started by: vastcharade
1 Replies
2. Red Hat
I have encountered some problems in my school work.
Here is the question:
The server that provides the time synchronization must be configured to allow its clients to verify its authenticity using symmetric cryptography.
Much Appreciated!:) (1 Reply)
Discussion started by: wilsonljx
1 Replies
3. Homework & Coursework Questions
The server that provides the time synchronization must be configured to allow its clients to verify its authenticity using symmetric cryptography.
4. Singapore Polytechnic, Dover, Singapore,Mr Kam, and Computer Engineering
I don't think there is any coding since it is just configuring... (3 Replies)
Discussion started by: wilsonljx
3 Replies
4. UNIX and Linux Applications
Hello,
I am wondering if it is possible to allow rescursion into rsyncd modules. For example, I have a module set up like the following:
path = /home/backup
write only = yes
read only = no
auth users = backup
secrets file =... (1 Reply)
Discussion started by: tay9000
1 Replies
5. Red Hat
Hi Friends,
samba for annonymouse setup but not allowing me to write when i tried to browse from windows 7 box
conf as below
#testparm
Load smb config files from /etc/samba/smb.conf
Processing section ""
Processing section ""
Processing section ""
Loaded services file OK.
Server... (0 Replies)
Discussion started by: heman96
0 Replies
6. Cybersecurity
Hi guys, I'm trying to configure iptables to only allow certain ports access.
I set the first set of rules to block everything and then subsequently open ports as needed, but everything still seems to be blocked.
I have read that the order matters (new to iptables), perhaps this is an issue.... (6 Replies)
Discussion started by: 3therk1ll
6 Replies
7. AIX
As I do a ssh <nis_user>@server1 from server2, ssh prompts for certificates (as expected the first time), then it prompts for the users password, as soon as I enter the password, I get a Connection to server1 closed by remote host, and connection to server1 closed. and I disconnect back to the... (3 Replies)
Discussion started by: mrmurdock
3 Replies
8. UNIX for Advanced & Expert Users
Hello Gurus,
I want One user to su to another without allowing root access and password.
I want to run a specific command as below from user am663:
---------------------------------------------------------
sudo -u appsprj4 /home/appsrj4/scripts/start_apache.sh
-------------------
But... (6 Replies)
Discussion started by: pokhraj_d
6 Replies
LEARN ABOUT DEBIAN
ql-dynamic-tgt-lun-disc
ql-dynamic-tgt-disc(8) System Administration ql-dynamic-tgt-disc(8)
NAME
ql-dynamic-tgt-lun-disc - Scans for newly added LUNs.
SYNOPSIS
ql-dynamic-tgt-lun-disc [OPTIONS]
DESCRIPTION
Dynamic TGT-LUN Discovery Utility
This utility scans for newly added LUNs. After adding new LUNs, you do not need to unload, then load the QLogic FC driver or reboot the
system
To begin scanning the LUNs issue following command:
# /usr/sbin/ql-dynamic-tgt-lun-disc
-al, --allow-lip
LIP is not issued by default, even if it is required for scanning new LUNs Setting this option, allows the utility to issue LIP.
-cl, --current-luns
Displays LUNS currently present
-e, --extended-scan
Use this option as "-e | --extended-scan". to rescan LUNs. This will identify any change in attributes of existing LUNs. This option
can be used in combination of scan/refresh or max luns
-h, --help, ?
Prints this help message
-i, --interactive
Use this option to use the menu driven program
-is, --iscsi
Use this option to operate on ISCSI HBAs, this option can be used in combination of any other supported option.
-m, --max-lun
To set the maximum LUNs to be scanned
-p, --proc
Use PROC file system for LUN scanning
-r, --refresh
To refresh, that is remove LUNs that are lost use the options "-r|--refresh". This will remove the LUNs which no more exist.
-s, --scan [ -r|--refresh ]
The QLogic LUN scan utility re-scans all the devices connected to the QLogic HBA
SEE ALSO
ql-lun-state-online(8), ql-hba-snapshot(8), ql-set-cmd-timeout(8)
Matthias Schmitz <matthias@sigxcpu.org> July 2009 ql-dynamic-tgt-disc(8)