|
|
Sponsored Content
Top Forums
UNIX for Beginners Questions & Answers
Setting write permission for particular user
Post 303004550 by RudiC on Wednesday 4th of October 2017 10:44:39 AM
|
|
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I need to find all the files that have group Read or Write permission or files that have user write permission.
This is what I have so far:
find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}'
It shows me all files where group read = true, group write = true... (5 Replies)
Discussion started by: shunter63
5 Replies
2. Shell Programming and Scripting
Hi,
The requirement is like,
the program needs 2 argument one is user_id and second one is directory path. My script will check if that user_id has write access to the directory path. The directory path may be in any file system like AFS or NFS.
Can any one please suggest some points to... (1 Reply)
Discussion started by: siba.s.nayak
1 Replies
3. Shell Programming and Scripting
Guys, i wanna get any user files with write permission (on user or group permission) for review but i confuse with -perm parameter.
any body can help me to explain what is that mean?
thank's (1 Reply)
Discussion started by: michlix
1 Replies
4. Solaris
Trying to figure out the best method of security for oracle user accounts. In Solaris 10 they are set as regular users but have nologin set forcing the dev's to login as themselves and then su to the oracle users.
In Solaris11 we have the option of making it a role because RBAC is enabled but... (1 Reply)
Discussion started by: os2mac
1 Replies
5. Web Development
Hi
I am trying to make a web program which is command line equivalent. i have done the coding in cgi program in perl and html for basic forms to take inputs. when i ran the program from web application i see permission denied messages. after analyzing i found apache is running as wwwrun which... (2 Replies)
Discussion started by: rakeshkumar
2 Replies
6. UNIX for Advanced & Expert Users
In our project we have several unix scripts that trigger different processes. These scripts write logs to a particular folder 'sesslogs', create output data files in a separate directory called 'datafiles' etc. Usually L1 support team re-run these scripts . We donot want L1 support team to have... (14 Replies)
Discussion started by: waavman
14 Replies
7. AIX
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. I do not want to assign user the same group of that directories too.... (0 Replies)
Discussion started by: blinkingdan
0 Replies
8. Solaris
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. This is for Solaris. Please help. (1 Reply)
Discussion started by: blinkingdan
1 Replies
9. UNIX for Beginners Questions & Answers
I have built a website and I can access and edit the website'files on server via the root user. The current file and directory structures are not changeable. Now I am hiring a webpage designer to help me re-design some pages, I am going to let the designer edit the files directly on the server. So... (5 Replies)
Discussion started by: uwo-g-xw
5 Replies
LEARN ABOUT DEBIAN
apache2::sitecontrol::permissionmanager
Apache2::SiteControl::PermissionManager(3pm) User Contributed Perl Documentation Apache2::SiteControl::PermissionManager(3pm) NAME
Apache2::SiteControl::PermissionManager - Rule-based permission management SYNOPSIS
use Apache2::SiteControl::PermissionManager; $manager = new Apache2::SiteControl::PermissionManager(); $rule1 = new SomeSubclassOfSiteControl(); $manager->addRule($rule1); ... $user = new SomeUserTypeYouDefineThatMakesSenseToRules; if($manager->can($user, $action, $resource)) { # OK to do action } # For example if($manager->can($user, "read", "/etc/shadow")) { open DATA, "</etc/shadow"; ... } DESCRIPTION
This module implements a user capabilities API. The basic idea is that you have a set of users and a set of things that can be done in a system. In the code of the system itself, you want to surround sensitive operations with code that determines if the current user is allowed to do that operation. This module attempts to make such a system possible, and easily extensible. The module requires that you write implementations of rules for you system that are subclasses of Apache2::SiteControl::Rule. The rules can be written to use any data types, which are abstractly known as "users", "actions", and "resources." A user is some object that your applications uses to identify the person operating the program. The expectation is that at some point the application authenticated the user and obtained their identity, and the rest of the application is merely applying a ruleset to determine what that user is allowed to do. In the context of the SiteControl system, this user is a Apache2::SiteControl::User or subclass thereof. An action can be any data type (i.e. simply a string). Again, it is really up to the code of the rules (which are primarily written by you) to determine what is valid. The overall usage of this package is as follows: 1. Decide how you want to represent a user. (i.e. Apache2::SiteControl::User) 2. Decide the critical sections of your code that need to be protected, and decide what to do if the user doesn't pass muster. For example if a screen should just hide fields, then the application code needs to reflect that. 3. Create a permission manager instance for your application. Typically use a singleton pattern (there need be only one manager). In the SiteControl system, this is done by a ManagerFactory that you write. 4. Surround sensitive sections of code with something like: if($manager->can($user, "view salary", $payrollRecord)) { # show salary fields } else # hide salary fields } 5. Create rules that spell out the behavior you want and add them to your application's permission manager. The basic idea is that a rule can grant permission, or deny it. If it neither grants or denies, then the manager will take the safe route and say that the action cannot be taken. Part of the code for the rule for protecting salaries might look like: package SalaryViewRule; use Apache2::SiteControl::Rule; use Apache2::SiteControl::User; use base qw(Apache2::SiteControl::Rule); sub grants { $this = shift; $user = shift; $action = shift; $resource = shift; # Do not grant on requests we don't understand. return 0 if(!$user->isa("Apache2::SiteControl::User") || !$this->isa("Apache2::SiteControl::Rule")); if($action eq "view salary" && $resource->isa("Payroll::Record")) { if($user->getUsername() eq $resource->getEmployeeName()) { return "user can view their own salary"; } } return 0; } Then in your subclass of ManagerFactory: use SalaryViewRule; ... $viewRule = new SalaryViewRule; $manager->addRule($viewRule); METHODS
can(user, action verb, resource) This is the primary method of the PermissionManager. It asks if the specified user can do the specified action on the specified resource. For example, $manager->can($user, "eat", "cake"); would return true if the user is allowed to eat cake. Note that this gives you quite a bit of flexibility, but at the expense of strong type safety. It is suggested that all of your rules do type checking to insure that a rule is properly applied. SEE ALSO
Apache2::SiteControl::Rule, Apache::SiteControl::ManagerFactory, Apache2::SiteControl::UserFactory, Apache::SiteControl AUTHOR
This module was written by Tony Kay, <tkay@uoregon.edu>. COPYRIGHT AND LICENSE
perl v5.14.2 2006-03-17 Apache2::SiteControl::PermissionManager(3pm)