Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Role based access and security
Special Forums Cybersecurity Role based access and security Post 302968520 by sunnysthakur on Thursday 10th of March 2016 07:52:55 AM
Old 03-10-2016
Role based access and security
Hello,

We are planning to setup a Role based access and security to our Linux servers. We can use mostly use sudo for providing the limited access to service and files.
My query is that how can we manage that members can edit/access only specific files (it would be 1 or multiple files or placed on multi location), This seems to be very hectic if can manage from sudo to add all the entries there.

Can you please let me know the better solution for this as we have a sub teams and that team would have multiple members working for various areas.

Is ACL would be a better option somehow ?
 

6 More Discussions You Might Find Interesting

1. Solaris

Security of root access

Hi, The security auditor give a this statement , what to do ? On my solaris system (S10) "The User ID "root" should not be used on the system - the su and the priviledged account should be used from each administrator for accountability purposes" What to do ? (3 Replies)
Discussion started by: falcon16
3 Replies

2. SuSE

"scp" access denied:/etc/security/access.conf

Guys i have 2 SUSE Linux Enterprise Server 10 SP1 (i586) boxes.if i take a look into /etc/security/access.conf ,i see following lines at the eof # All other users should be denied to get access from all sources. #- : ALL : ALL - : myID : ALL now earlier i had written scripts where files... (1 Reply)
Discussion started by: ak835
1 Replies

3. AIX

role based user

Hi .. I need to assign role based permission to users... How to assign role based permission in aix... Thanks.. (4 Replies)
Discussion started by: sumathi.k
4 Replies

4. Linux

Web based X11 access

Hi guys ;) I'm new here. I had been reading a long time here on the forums but now I registered finally. And got a question for you. Since yesterday I've got successfully installed a X11-connection from my WinXP to a RedHat EL 5 - Box. Now there's a web portal needed. So I have to make a... (2 Replies)
Discussion started by: supermaRiio
2 Replies

5. Homework & Coursework Questions

Security issues with universal access of file

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: If you look at the permissions associated with a symbolic link, it has universal access. Does this lead to... (0 Replies)
Discussion started by: linux17
0 Replies

6. Red Hat

How do I install security patches with no internet access?

Hi, I'm pretty new to Linux and I want to download security patches and install them on RHEL 5.4. I've searched the red hat web site but cant seem to find where the download link is. (5 Replies)
Discussion started by: Jardoo
5 Replies

LEARN ABOUT HPUX

getacl

getacl(1)						      General Commands Manual							 getacl(1)

NAME

       getacl - list access control lists (ACLs) for files (JFS File Systems only)

SYNOPSIS

       file...

DESCRIPTION

       For  each  argument that is a regular file, special file, or named pipe, displays the owner, group, and the Access Control List (ACL).  For
       each directory argument, displays the owner, group, and the ACL and/or the default ACL.	Only directories contain default ACLs.

       With the option specified, the filename, owner, group, and the ACL of the file will be displayed.  With the option specified, the filename,
       owner,  group,  and  the default ACL of the file, if it exists, will be displayed.  With options not specified, the filename, owner, group,
       and both the ACL, and the default ACL, if it exists, will be displayed.

       This command may be executed on a file system that does not support ACLs.  It will report the ACL consisting of only the owning user,  own-
       ing group, class and other entries, based on the permission bits.

       When multiple files are specified on the command line, a blank line will separate the ACL for each file.

   Options
       The command recognizes the following options:

	      Displays the filename, owner, group, and the ACL of the specified file.

	      Displays the the filename, owner, group, and the default
		     ACL of the file, if it exists.

   Operands
       The command recognizes the following operand:

	      file   The file or directory from which retrieves the access control information.

   ACL Format
       The format of an ACL is:

       The  first  three lines show the filename, the file owner, and the file owning group.  Note that when only the option is specified, and the
       file has no default ACL, only these three lines will be displayed.

       The entry without a user ID indicates the permissions that will be granted to the owner of the file.  One or more additional entries  indi-
       cate the permissions that will be granted to the specified users.  The entry without a group identifier indicates the permissions that will
       be granted to the owning group of the file.  One or more additional entries indicate the permissions that will be granted to the  specified
       groups.	The entry indicates the permissions that will be granted to others.

       The  entries  and may only exist for directories, and indicate the default user, group, and other entries that will be added to a file cre-
       ated within the directory.

       The uid is a login name, or a user ID if there is no entry for the uid in the system's password file; gid is a group name, or a group ID if
       there  is  no  entry  for the gid in the system's group file; and perm is a three character string composed of the letters representing the
       separate discretionary access rights: (read), (write), (execute/search), or the placeholder character The perm will  be	displayed  in  the
       following order: If a permission is not granted by an ACL entry, the placeholder character will appear.

       The  ACL entries will be displayed in the order in which they will be evaluated when an access check is performed.  The default ACL entries
       that may exist on a directory have no effect on access checks.

       The file owner permission bits represent the access that the owning user ACL entry has.	The file group class permission bits represent the
       most  access  that  any additional user entry, additional group entry, or the owning group entry may grant.  The file other permission bits
       represent the access that the other ACL entry has.  If a user invokes the command and changes the file group  class  permission	bits,  the
       access granted by the additional ACL entries may be restricted.

       In  order to indicate that the file group class permission bits restrict an ACL entry, will display, after each affected entry, text in the
       form , where perm will show only the permissions actually granted.

EXAMPLES

       Given file with an ACL six entries long, the command

       would print:

       Given file with an ACL six entries long, after the command was issued, the command

       would print:

       Given directory with an ACL containing default entries, the command

       would print:

       Given directory the command

       would print:

NOTICES

       The output from will be in the correct format for input to the command.	If the output from is redirected to a file, the file may  be  used
       as input to In this way, a user may easily assign one file's ACL to another file.

FILES

       for user IDs
       for group IDs

SEE ALSO

       chmod(1), ls(1), setacl(1).  acl(2), aclsort(3C).

																	 getacl(1)
All times are GMT -4. The time now is 09:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy