Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is there limit on number of ACLs' per directory in Redhat
Operating Systems Linux Red Hat Is there limit on number of ACLs' per directory in Redhat Post 302992728 by bakunin on Wednesday 1st of March 2017 05:14:37 AM
Old 03-01-2017
Quote:
Originally Posted by waavman
I achieve this permission for the different consumer application by granting ACLs' (Access Control List) on the folder containing the bulk extract files to each of the individual accounts of every consumer .
I am of the opinion that your main problem is not a technical limit but one of (practical) maintainability and feasibility. As the numbers of ACLs increase it will get increasingly troublesome to keep track of all the different rights, regardless of any technical limit being hit or not. I suggest to look for a different solution - ideally one which uses only standard UNIX privileges.

For instance, look for ways to sort your users into groups, then give respective group rights to corresponding directories.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Directory limit

I'm setting up a file server for users. Does anyone know how I can limit each users directory to 500MB? -------------- Runing Solaris 8 (3 Replies)
Discussion started by: merlin
3 Replies

2. UNIX for Advanced & Expert Users

limit to number of files in a given directory

Everyone, We are on a unix AIX 4.3 platform and our application is written as such that all configuration files must reside in a specific directory. Currently there are over 10,000 files in this directory (and growing at about 300 per month). My question is is there a physical limit to the... (2 Replies)
Discussion started by: hedrict
2 Replies

3. Shell Programming and Scripting

limit the number of jobs to run.

i just want to get the BackGround status and limit the number of jobs to run the at a time. can i able get the back ground exit status ? that i code below. can jobs -l limit the number of jobs to run ? total is this script looks fine ? cat run_job.ksh #!/usr/bin/ksh... (0 Replies)
Discussion started by: GrepMe
0 Replies

4. UNIX for Dummies Questions & Answers

Number of long limit

Hi Hi! I'm currently using AIX 5.2 and would like to know where can i find to see that there's a restriction on the number of login times a user can have. Example, I want give a 2 login per user but some one to give 3 login and some one have to give unlit login time (without logging off the... (2 Replies)
Discussion started by: herath
2 Replies

5. Ubuntu

Redhat 2.1 AS Memory Limit?

I have a customer with an HP DL380 G4 server running Redhat 2.1 AS that has 4GB memory installed. They want to upgrade in the server to the maximum of 12GB using (6) 2GB DIMMs. I can do this for them, but I read somewhere that Redhat 2.1 has an upper memory limit. Or you need a kernel patch to use... (2 Replies)
Discussion started by: Cbish68
2 Replies

6. Solaris

How to limit number of Commands

Is there a way that I can limit number of commands that one user can run during period of time. For example Max 10 commands per senconds.:) (3 Replies)
Discussion started by: winger0608
3 Replies

7. Programming

How to limit the number of child processes

I need a mechanism to fork child processes and all child processes should connect to a server.but the number of child processes should be limited(for ex:50) Here's my pseudo, but I cant figure out how to limit the child process number. Should I use a semaphore? or what? for(;;)... (3 Replies)
Discussion started by: xyzt
3 Replies

8. UNIX for Dummies Questions & Answers

Limit Number of files

hi guys how can i limit number of files in a disk or partition ? or how can i make a limit to inode number for a disk or partition ? ext3 or ext4 file system (1 Reply)
Discussion started by: mhs
1 Replies

9. Cybersecurity

Limit CPU and RAM utilization for new user in RedHat

We have a system with 4 Xeon Processors each with 10 cores, total 512 GB RAM and 10 TB Hard Drive. we want to create multiple user accounts with different resource limitations as : User 1: RAM : 50GB, PROCESSOR: 10 Cores , User folder in home directory of 10GB space. User 2: RAM :... (5 Replies)
Discussion started by: vaibhavvsk
5 Replies

10. UNIX for Beginners Questions & Answers

Limit number of files transferred

I've a folder in remote server and it has 50 files. I like to transfer these files by first 10 and next 10 files. I'm using mget command to transfer the files. How to limit the file transfer limit to 10. instead of copying 50 files at a time. Thanks Janarthan (5 Replies)
Discussion started by: Janarthan
5 Replies

LEARN ABOUT DEBIAN

fs_listacl

FS_LISTACL(1)						       AFS Command Reference						     FS_LISTACL(1)

NAME

       fs_listacl - Displays ACLs

SYNOPSIS

       fs listacl [-path <dir/file path>+] [-id] [-if] [-cmd] [-help]

       fs la [-p <dir/file path>+] [-id] [-if] [-cmd] [-h]

       fs lista [-p <dir/file path>+] [-id] [-if] [-cmd] [-h]

DESCRIPTION

       The fs listacl command displays the access control list (ACL) associated with each specified file, directory, or symbolic link. The
       specified element can reside in the DFS filespace if the issuer is using the AFS/DFS Migration Toolkit Protocol Translator to access DFS
       data (and DFS does implement per-file ACLs). To display the ACL of the current working directory, omit the -path argument.

       To alter an ACL, use the fs setacl command. To copy an ACL from one directory to another, use the fs copyacl command. To remove obsolete
       entries from an ACL, use the fs cleanacl command.

CAUTIONS

       Placing a user or group on the "Negative rights" section of the ACL does not guarantee denial of permissions, if the "Normal rights"
       section grants the permissions to members of the system:anyuser group. In that case, the user needs only to issue the unlog command to
       obtain the permissions granted to the system:anyuser group.

OPTIONS

       -path <dir/file path>+
	   Names each directory or file for which to display the ACL. For AFS files, the output displays the ACL from the file's parent directory;
	   DFS files do have their own ACL. Incomplete pathnames are interpreted relative to the current working directory, which is also the
	   default value if this argument is omitted.

       -id Displays the Initial Container ACL of each DFS directory. This argument is supported only on DFS directories accessed via the AFS/DFS
	   Migration Toolkit Protocol Translator.

       -if Displays the Initial Object ACL of each DFS directory. This argument is supported only on DFS directories accessed via the AFS/DFS
	   Migration Toolkit Protocol Translator.

       -cmd
	   Outputs an fs setacl command string that can be used to recreate the ACL applied to the specified file, directory or symbolic link.

       -help
	   Prints the online help for this command. All other valid options are ignored.

OUTPUT

       The first line of the output for each file, directory, or symbolic link reads as follows:

	  Access list for <directory> is

       If the issuer used shorthand notation in the pathname, such as the period (".") to represent the current current directory, that notation
       sometimes appears instead of the full pathname of the directory.

       Next, the "Normal rights" header precedes a list of users and groups who are granted the indicated permissions, with one pairing of user or
       group and permissions on each line. If negative permissions have been assigned to any user or group, those entries follow a "Negative
       rights" header. The format of negative entries is the same as those on the "Normal rights" section of the ACL, but the user or group is
       denied rather than granted the indicated permissions.

       AFS does not implement per-file ACLs, so for a file the command displays the ACL on its directory. The output for a symbolic link displays
       the ACL that applies to its target file or directory, rather than the ACL on the directory that houses the symbolic link.

       The permissions for AFS enable the possessor to perform the indicated action:

       a (administer)
	   Change the entries on the ACL.

       d (delete)
	   Remove files and subdirectories from the directory or move them to other directories.

       i (insert)
	   Add files or subdirectories to the directory by copying, moving or creating.

       k (lock)
	   Set read locks or write locks on the files in the directory.

       l (lookup)
	   List the files and subdirectories in the directory, stat the directory itself, and issue the fs listacl command to examine the
	   directory's ACL.

       r (read)
	   Read the contents of files in the directory; issue the "ls -l" command to stat the elements in the directory.

       w (write)
	   Modify the contents of files in the directory, and issue the UNIX chmod command to change their mode bits

       A, B, C, D, E, F, G, H
	   Have no default meaning to the AFS server processes, but are made available for applications to use in controlling access to the
	   directory's contents in additional ways. The letters must be uppercase.

       For DFS files and directories, the permissions are similar, except that the DFS "x" (execute) permission replaces the AFS "l" (lookup)
       permission, DFS "c" (control) replaces AFS "a" (administer), and there is no DFS equivalent to the AFS "k" (lock) permission. The meanings
       of the various permissions also differ slightly, and DFS does not implement negative permissions. For a complete description of DFS
       permissions, see the DFS documentation.

EXAMPLES

       The following command displays the ACL on the home directory of the user "pat" (the current working directory), and on its "private"
       subdirectory.

	  % fs listacl -path . private
	  Access list for . is
	  Normal rights:
	     system:authuser rl
	     pat rlidwka
	     pat:friends rlid
	  Negative rights:
	     smith rlidwka
	  Access list for private is
	  Normal rights:
	     pat rlidwka

       The following command generates the fs setacl command required to recreate the ACL on the home directory of the user "pat" (the current
       working directory), and on its "private" subdirectory.

	  % fs listacl -path . private -cmd
	  fs setacl -dir . -acl system:authuser rl  pat rlidwka   pat:friends rlid
	  fs setacl -dir . -acl smith rlidwka -negative
	  fs setacl -dir private -acl pat rlidwka

PRIVILEGE REQUIRED

       If the -path argument names an AFS directory, the issuer must have the "l" (lookup) permission on its ACL and the ACL for every directory
       that precedes it in the pathname.

       If the -path argument names an AFS file, the issuer must have the "l" (lookup) and "r" (read) permissions on the ACL of the file's
       directory, and the l permission on the ACL of each directory that precedes it in the pathname.

       If the -path argument names a DFS directory or file, the issuer must have the "x" (execute) permission on its ACL and on the ACL of each
       directory that precedes it in the pathname.

SEE ALSO

       fs_cleanacl(1), fs_copyacl(1), fs_setacl(1)

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD by software written by Chas
       Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

OpenAFS 							    2012-03-26							     FS_LISTACL(1)
All times are GMT -4. The time now is 09:32 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy