Sponsored Content
Operating Systems Linux Red Hat Is there limit on number of ACLs' per directory in Redhat Post 302992728 by bakunin on Wednesday 1st of March 2017 05:14:37 AM
Old 03-01-2017
Quote:
Originally Posted by waavman
I achieve this permission for the different consumer application by granting ACLs' (Access Control List) on the folder containing the bulk extract files to each of the individual accounts of every consumer .
I am of the opinion that your main problem is not a technical limit but one of (practical) maintainability and feasibility. As the numbers of ACLs increase it will get increasingly troublesome to keep track of all the different rights, regardless of any technical limit being hit or not. I suggest to look for a different solution - ideally one which uses only standard UNIX privileges.

For instance, look for ways to sort your users into groups, then give respective group rights to corresponding directories.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Directory limit

I'm setting up a file server for users. Does anyone know how I can limit each users directory to 500MB? -------------- Runing Solaris 8 (3 Replies)
Discussion started by: merlin
3 Replies

2. UNIX for Advanced & Expert Users

limit to number of files in a given directory

Everyone, We are on a unix AIX 4.3 platform and our application is written as such that all configuration files must reside in a specific directory. Currently there are over 10,000 files in this directory (and growing at about 300 per month). My question is is there a physical limit to the... (2 Replies)
Discussion started by: hedrict
2 Replies

3. Shell Programming and Scripting

limit the number of jobs to run.

i just want to get the BackGround status and limit the number of jobs to run the at a time. can i able get the back ground exit status ? that i code below. can jobs -l limit the number of jobs to run ? total is this script looks fine ? cat run_job.ksh #!/usr/bin/ksh... (0 Replies)
Discussion started by: GrepMe
0 Replies

4. UNIX for Dummies Questions & Answers

Number of long limit

Hi Hi! I'm currently using AIX 5.2 and would like to know where can i find to see that there's a restriction on the number of login times a user can have. Example, I want give a 2 login per user but some one to give 3 login and some one have to give unlit login time (without logging off the... (2 Replies)
Discussion started by: herath
2 Replies

5. Ubuntu

Redhat 2.1 AS Memory Limit?

I have a customer with an HP DL380 G4 server running Redhat 2.1 AS that has 4GB memory installed. They want to upgrade in the server to the maximum of 12GB using (6) 2GB DIMMs. I can do this for them, but I read somewhere that Redhat 2.1 has an upper memory limit. Or you need a kernel patch to use... (2 Replies)
Discussion started by: Cbish68
2 Replies

6. Solaris

How to limit number of Commands

Is there a way that I can limit number of commands that one user can run during period of time. For example Max 10 commands per senconds.:) (3 Replies)
Discussion started by: winger0608
3 Replies

7. Programming

How to limit the number of child processes

I need a mechanism to fork child processes and all child processes should connect to a server.but the number of child processes should be limited(for ex:50) Here's my pseudo, but I cant figure out how to limit the child process number. Should I use a semaphore? or what? for(;;)... (3 Replies)
Discussion started by: xyzt
3 Replies

8. UNIX for Dummies Questions & Answers

Limit Number of files

hi guys how can i limit number of files in a disk or partition ? or how can i make a limit to inode number for a disk or partition ? ext3 or ext4 file system (1 Reply)
Discussion started by: mhs
1 Replies

9. Cybersecurity

Limit CPU and RAM utilization for new user in RedHat

We have a system with 4 Xeon Processors each with 10 cores, total 512 GB RAM and 10 TB Hard Drive. we want to create multiple user accounts with different resource limitations as : User 1: RAM : 50GB, PROCESSOR: 10 Cores , User folder in home directory of 10GB space. User 2: RAM :... (5 Replies)
Discussion started by: vaibhavvsk
5 Replies

10. UNIX for Beginners Questions & Answers

Limit number of files transferred

I've a folder in remote server and it has 50 files. I like to transfer these files by first 10 and next 10 files. I'm using mget command to transfer the files. How to limit the file transfer limit to 10. instead of copying 50 files at a time. Thanks Janarthan (5 Replies)
Discussion started by: Janarthan
5 Replies
sys_attrs_sec(5)						File Formats Manual						  sys_attrs_sec(5)

NAME
sys_attrs_sec - sec subsystem attributes DESCRIPTION
This reference page lists and describes attributes for the Security (sec) kernel subsystem. Refer to the sys_attrs(5) reference page for an introduction to the topic of kernel subsystem attributes. In the following list, attributes preceded by an asterisk (*) can be modified at run time. Enables (enable) or disables (disable) Access Control List (ACL) access checks and default ACL inheritance on the system. See acl(4) and the Security manual for more information. Default value: disable In a TruCluster environment, the value of this attribute must be the same on all member systems. The size of the audit buffer in 1-KB units. Default value: 16 (kilobytes) Minimum value: 16 Maximum value: 1024 In a TruCluster environment, the value of this attribute must be the same on all member systems. If you are generating your own audit records and the size of these records is close to or greater than the current audit_buffer_size value, increasing this value may improve system performance. The size, in bytes, reserved for the audit site mask. Each byte can support four site-defined events. Default value: 64 (bytes) Minimum value: 1 Maximum value: 1,048,576 In a TruCluster environment, the value of this attribute must be the same on all member systems. The audit subsystem allows sites to define their own audit events (site-defined events). The site-defined events are specified in the /etc/sec/site_events file. Because the number of site-defined events is determined by the customer, the audit_site_events attribute is provided so the customer can specify how much memory the kernel needs to reserve for these events. There is no need to change this value unless there are more than 256 site-defined events. See the Security manual for more information on specifying site-defined events. A value that controls the permission bits of a file with access control lists (ACLs) as seen by an NFS Version 2 client. NFS Version 2 clients make their own file access decisions, based on their interpretation of the file's permission bits. The file permission bits may not accurately specify file access if the file has an ACL. You can specify the following values for the nfs_flatten_mode attribute to better control file access decisions by NFS Version 2 clients: Do not modify file access; send the original file per- mission bits to the NFS Version 2 client. Restrict the file access; modify the "group" and "other" fields of the file permissions so that the permission bits grant only a level of access that is granted in every ACL entry. For example, send permission bits that grant write access only if all ACL entries grant write access. Make file access more permissive; modify the "group" and "other" fields of the file permissions so that the permission bits reflect a level of access that is granted by the combination of ACL entries. For example, if some ACL entries grant read and execute permission and others grant write permission, send permission bits that grant read, write, and execute permission. Default value: 0 In a TruCluster environment, the value of this attribute must be the same on all member systems. See acl(4) for more information. The size limit, in bytes, of property list entries on UFS file systems. Default value: 8192 (bytes) Minimum value: 320 Maximum value: 18,446,744,073,709,551,615 In a TruCluster environment, the value of this attribute must be the same on all member systems. On AdvFS file systems, a property list entry has a hard size limit of 1560 bytes. The ufs_proplist_max_entry attribute facilitates interoperation of UFS and AdvFS property list entries. Set this attribute to 1560 if you want to use all property list entries on your system with both UFS and AdvFS file systems. See proplist(4) for more information about property lists. The ufs_proplist_max_entry attribute interacts with the ufs_sec_proplist_max_entry attribute. The latter is used to configure the size of ACLs on UFS file systems. Because ACLs are stored in property lists, ufs_sec_proplist_max_entry cannot be greater than (ufs_proplist_max_entry - 64) bytes. If ufs_sec_proplist_max_entry is set to exceed this limit, the value of ufs_proplist_max_entry is automatically increased. The size limit, in bytes, of ACLs on UFS file systems. Default value: 1548 (bytes) Minimum value: 256 Maximum value: 18,446,744,073,709,551,551 In a TruCluster environment, the value of this attribute must be the same on all member systems. ACLs are implemented by using property lists. On AdvFS file systems, there is a hard size limit of 1560 bytes for a property list entry. This limit allows 2548 bytes for the ACL data, or a total of 65 entries, plus the three required entries of user::, group::, and other::. Files have only one ACL, an Access ACL. Directories can have up to three ACLs: an Access ACL, a Default ACL, and a Default Directory ACL. The AdvFS limit is placed on each of the three ACLs for a directory, meaning that each can have up to 65 entries. See acl(4) and the Security manual for more information about ACLs. By default, the ufs_sec_proplist_max_entry attribute is set to ensure that the size limit of ACLs on UFS file systems is the same as the size limit of ACLs on AdvFS file systems. This ensures that ACLs on your system can be copied between UFS and AdvFS file sys- tems. It is recommended that you not modify the default setting of ufs_sec_proplist_max_entry unless you have strong need for larger ACLs. The ufs_sec_proplist_max_entry attribute interacts with the ufs_proplist_max_entry attribute. See the description of ufs_pro- plist_max_entry for a description of this relationship. SEE ALSO
Files: acl(4), proplist(4) Others: sys_attrs(5) Security sys_attrs_sec(5)
All times are GMT -4. The time now is 01:36 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy