Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Question for expert only in Access control list
Top Forums UNIX for Advanced & Expert Users Question for expert only in Access control list Post 302989095 by mecnio on Saturday 7th of January 2017 07:03:33 PM
Old 01-07-2017
Question Question for expert only in Access control list
If I'm the admin for the financial system and I want to configure authorization pf file system permission.Also, The first rule is that Managers and clerks can read and write billings for all cases. The second rules is that Paralegals and administrative assits can read and write billings only on cases assigned to their supervising Manager.
how to write these rules in Linux by using ACL approach
 

10 More Discussions You Might Find Interesting

1. Filesystems, Disks and Memory

Access Control

In Windows XP, there are 3 default access control groups namely: Administrators, Users and Power Users. Is there default access control groups in Unix system? If there is, what are they? newbie. (1 Reply)
Discussion started by: zertoir
1 Replies

2. UNIX for Dummies Questions & Answers

Access control Lists

Hi, I was wondering if someone could help me with ACL's. I have a file, say output, created by the root user, member of group other. Its permissions are rwxr--r--. I want only people in group other to have rwx access, but I also want one other user, stephen, member of some_other_group to have rwx... (1 Reply)
Discussion started by: sroberts82
1 Replies

3. Shell Programming and Scripting

Access Control List

Hey all, I have a directory (own by user: b; group: grpB) which I want a user (user: a; group: grpA) to be able to read and execute from, I wonder if I should add user a to this particular directory's ACL or that I would add group grpB to user a's subgroup? I would like to know the difference... (3 Replies)
Discussion started by: mpang_
3 Replies

4. Solaris

Command for access control list

Hi, I want to set access control list on folders but it should be recursively, any Idea? command (1 Reply)
Discussion started by: manoj.solaris
1 Replies

5. UNIX for Dummies Questions & Answers

FTP access & control question

Folks; I need some help with these: 1. understanding how to control access rights and manage visibility using FTP in Solaris, in other words, I need to use FTP in Solaris to be able to give some users access to add/modify data to/from the UNIX server. 2. How can i control the space allowed for... (2 Replies)
Discussion started by: Katkota
2 Replies

6. UNIX for Dummies Questions & Answers

Does U*X have Access Control Lists?

In OS like windows, I can define an Access Control List (ACL) and specify which accounts and groups have what access to a specific file. I assume U*X, Linux and cygwin on windows have this ACL feature too. I'm using cygwin on windows. What do I type at a bash prompt to allow a specific user... (1 Reply)
Discussion started by: siegfried
1 Replies

7. UNIX for Dummies Questions & Answers

Internet Access Control

I need to control intenet access @ work. xample. I need PC 1 to only be able to access these five sites and add to the list as needed. Can anyone pint me a direction. (1 Reply)
Discussion started by: fruiz
1 Replies

8. AIX

Access control using LDAP

Hello, I've configurated a LDAP user authentication on AIX V6 against Active Directory (Windows Server 2008). The Tree is built as follows: test (DC) |--- testgroup (group with members: user1, user2) | |--- sys1 (OU) | |--- sys1group (group with member: user1) | |--- sys2 (OU)... (0 Replies)
Discussion started by: xia777
0 Replies

9. UNIX for Dummies Questions & Answers

eTrust Access Control

Hi, I am using eTrust Access Control at work. I have got no output after type checklogin. I wonder what is the reason. Does anyone know? Thanks eTrustAC selang v8.00a-1555.13 - eTrustAC command line interpreter Copyright (c) 2006 CA. All rights reserved. eTrustAC> checklogin user1... (0 Replies)
Discussion started by: uuontario
0 Replies

10. Proxy Server

How to use Squid on Linux to control certain IP to access Web Server and certain IP cannot access?

Dear all experts here, :) I would like to install a proxy server on Linux server to perform solely to control the access of Web server. In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server. I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies

LEARN ABOUT DEBIAN

fs_copyacl

FS_COPYACL(1)						       AFS Command Reference						     FS_COPYACL(1)

NAME

       fs_copyacl - Copies an ACL from a directory to one or more other directories

SYNOPSIS

       fs copyacl -fromdir <source directory (or DFS file)>
	   -todir <destination directory (or DFS file)>+
	   [-clear] [-id] [-if] [-help]

       fs co -f <source directory (or DFS file)>
	   -t <destination directory (or DFS file)>+
	   [-c] [-id] [-if] [-h]

DESCRIPTION

       The fs copyacl command copies the access control list (ACL) from a source directory to each specified destination directory. The source
       directory's ACL is unchanged, and changes to the destination directory's ACL obey the following rules:

       o   If an entry on the source ACL does not already exist on the destination ACL, it is added.

       o   If an entry exists on both the source and destination ACLs, the permissions from the source ACL entry replace the current permissions
	   on the destination ACL entry.

       o   If an entry on the destination ACL has no corresponding entry on the source ACL, it is removed if the -clear flag is included and is
	   unchanged otherwise. In other words, if the -clear flag is provided, the source ACL completely replaces the destination ACL.

       When using this command to copy ACLs between objects in DFS filespace accessed via the AFS/DFS Migration Toolkit Protocol Translator, it is
       possible to specify files, as well as directories, with the -fromdir and -todir arguments.

CAUTIONS

       Do not copy ACLs between AFS and DFS files or directories. The ACL formats are incompatible.

OPTIONS

       -fromdir <source directory>
	   Specifies the source directory from which to copy the ACL.  (Specifying an AFS file copies its directory's ACL, but specifying a DFS
	   file copies its own ACL.) A partial pathname is interpreted relative to the current working directory.

       -todir <destination directory>
	   Specifies each directory for which to alter the ACL to match the source ACL. (Specifying an AFS file halts the command with an error,
	   but specifying a DFS file alters the file's ACL). A partial pathname is interpreted relative to the current working directory.

	   Specify the read/write path to each directory (or DFS file), to avoid the failure that results from attempting to change a read-only
	   volume. By convention, the read/write path is indicated by placing a period before the cell name at the pathname's second level (for
	   example, "/afs/.abc.com"). For further discussion of the concept of read/write and read-only paths through the filespace, see the fs
	   mkmount reference page.

       -clear
	   Replaces the ACL of each destination directory with the source ACL.

       -id Modifies the Initial Container ACL of each DFS directory named by the -todir argument, rather than the regular Object ACL. This
	   argument is supported only when both the source and each destination directory reside in DFS and are accessed via the AFS/DFS Migration
	   Toolkit Protocol Translator.

       -if Modifies the Initial Object ACL of each DFS directory named by the -todir argument, rather than the regular Object ACL. This argument
	   is supported only when both the source and each destination directory reside in DFS and are accessed via the AFS/DFS Migration Toolkit
	   Protocol Translator.

       -help
	   Prints the online help for this command. All other valid options are ignored.

EXAMPLES

       The following example command copies the current working directory's ACL to its subdirectory called reports. Note that the source
       directory's ACL is unaffected. Entries on the reports directory's that are not on the source ACL of the current directory remain unaffected
       as well, because the -clear flag is not used.

	  % fs listacl . reports
	  Access list for . is
	  Normal rights:
	     pat rlidwka
	     smith rlidwk
	  Access list for reports is
	  Normal rights:
	     pat rl
	     pat:friends rl
	  Negative rights
	     jones rlidwka

	  % fs copyacl -fromdir . -todir reports

	  % fs listacl . reports
	  Access list for . is
	  Normal rights:
	     pat rlidwka
	     smith rlidwk
	  Access list for reports is
	  Normal rights:
	     pat rlidwka
	     pat:friends rl
	     smith rlidwk
	  Negative rights
	     jones rlidwka

PRIVILEGE REQUIRED

       To copy an ACL between AFS objects, the issuer must have the "l" (lookup) permission on the source directory's ACL and the "a" (administer)
       permission on each destination directory's ACL. If the -fromdir argument names a file rather than a directory, the issuer must have both
       the "l" and "r" (read) permissions on the ACL of the file's directory.

       To copy an ACL between DFS objects, the issuer must have the r permission on the source directory or file's ACL and the "c" (control)
       permission on each destination directory or file's ACL.

SEE ALSO

       fs_listacl(1), fs_mkmount(1), fs_setacl(1)

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD by software written by Chas
       Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

OpenAFS 							    2012-03-26							     FS_COPYACL(1)
All times are GMT -4. The time now is 11:00 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy