|
|
Sponsored Content
Operating Systems
Solaris
Set ACL permissions Solaris
Post 303031061 by AbuAliiiiiiiiii on Thursday 21st of February 2019 04:27:53 AM
02-21-2019
|
|
10 More Discussions You Might Find Interesting
1. Filesystems, Disks and Memory
Hi All,
Is there any way to use mv command and
that should apply ACL on the moved files that is already set in distination location
This mv command is running in a solaris system. File system is NFS.
Problem I am facing : Currently mv command removes ACL from moved files
and also it... (0 Replies)
Discussion started by: Tlogine
0 Replies
2. Shell Programming and Scripting
I want to do just what the title says. Here's why:
I am adapting a script that backups to a mount. In the script it has a catch where if the drive isn't RW then it unmounts and attempts to remount RW.
# attempt to remount the RW mount point as RW; else abort
$MOUNT -o remount,rw... (3 Replies)
Discussion started by: Movomito
3 Replies
3. Solaris
All,
Does anyone know of a simple way to traverse a file system and collect all ACL's (or ACE's as they are called now)? We use to be able to use getfacl fairly easily for this task but now we are forced to use -v or -V with the 'ls' command to get the extended permissions for a... (1 Reply)
Discussion started by: Shoeless_Mike
1 Replies
4. Shell Programming and Scripting
This may be a question for a different forum, but as I will need a script I thought I would start here.
We recently migrated from Solaris 8 to Solaris 10. The file system in question here is ZFS, meaning the method for listing and applying ACL's has changed dramatically. To make a long story... (3 Replies)
Discussion started by: Shoeless_Mike
3 Replies
5. UNIX for Advanced & Expert Users
Hi,
In our bank production environment - IBM AIX 5.3, we have a particular parent folder inside which an application creates temporary folders & files. These temp folders exist for the lifetime of the user session within the application and then get deleted automatically.
Since these temp... (1 Reply)
Discussion started by: deepaksinbox
1 Replies
6. SuSE
Hi,
One application that I have generates log files into a specific folder in SUSE. When the size of the log file reaches 50 MB, it gets rolled over and it is stored as testlog_1.log and the new events are logged in testlog.log
When I set a chmod -R 744 on the directory of these logs, it... (4 Replies)
Discussion started by: graosn
4 Replies
7. UNIX for Dummies Questions & Answers
Hi,
If User1, User2 and User3 are in the same group. User1 should not be able to view the files of User2 and User3. But User2 and User3 should be able to view all files.
How to set permission for this.
Please help.
Thanks,
Priya. (1 Reply)
Discussion started by: banupriyat
1 Replies
8. Red Hat
Hello All,
I have an application that creates the log files and they created with 600 permissions instead of 644(default). How can I set the permissions so that files can be created with 644. I looked into the /etc/profile for the umask settings and it is set 002(if UID>199). And when I type... (5 Replies)
Discussion started by: s_linux
5 Replies
9. Solaris
we have two Solaris 10 servers with same configuration and settings. We have hard mounted the NFS with the version 4.
In one of the server the newer ACL commands are working fine (chmod and ls -v) whereas in another only posix (getfacl and setfacl alone is working) when we try ls -V in in that... (13 Replies)
Discussion started by: sathishbabu89
13 Replies
10. UNIX for Beginners Questions & Answers
All,
I am building a glusterfs environment for file storage and need to set up ACL's as there are multiple users that need different types of access. I have ingested ~20TB of needed data to /toplevel dir and:
chown -R root:root /toplevel ; chmod -R 775 /toplevel
What I need from ACL as... (0 Replies)
Discussion started by: hburnswell
0 Replies
LEARN ABOUT SUNOS
getfacl
getfacl(1) User Commands getfacl(1) NAME
getfacl - display discretionary file information SYNOPSIS
getfacl [-ad] file... DESCRIPTION
For each argument that is a regular file, special file, or named pipe, the getfacl utility displays the owner, the group, and the Access Control List (ACL). For each directory argument, getfacl displays the owner, the group, and the ACL and/or the default ACL. Only directo- ries contain default ACLs. The getfacl utility may be executed on a file system that does not support ACLs. It reports the ACL based on the base permission bits. With no options specified, getfacl displays the filename, the file owner, the file group owner, and both the ACL and the default ACL, if it exists. OPTIONS
The following options are supported: -a Displays the filename, the file owner, the file group owner, and the ACL of the file. -d Displays the filename, the file owner, the file group owner, and the default ACL of the file, if it exists. OPERANDS
The following operands are supported: file The path name of a regular file, special file, or named pipe. OUTPUT
The format for ACL output is as follows: # file: filename # owner: uid # group: gid user::perm user:uid:perm group::perm group:gid:perm mask:perm other:perm default:user::perm default:user:uid:perm default:group::perm default:group:gid:perm default:mask:perm default:other:perm When multiple files are specified on the command line, a blank line separates the ACLs for each file. The ACL entries are displayed in the order in which they are evaluated when an access check is performed. The default ACL entries that may exist on a directory have no effect on access checks. The first three lines display the filename, the file owner, and the file group owner. Notice that when only the -d option is specified and the file has no default ACL, only these three lines are displayed. The user entry without a user ID indicates the permissions that are granted to the file owner. One or more additional user entries indi- cate the permissions that are granted to the specified users. The group entry without a group ID indicates the permissions that are granted to the file group owner. One or more additional group entries indicate the permissions that are granted to the specified groups. The mask entry indicates the ACL mask permissions. These are the maximum permissions allowed to any user entries except the file owner, and to any group entries, including the file group owner. These permissions restrict the permissions specified in other entries. The other entry indicates the permissions that are granted to others. The default entries may exist only for directories. These entries indicate the default entries that are added to a file created within the directory. The uid is a login name or a user ID if there is no entry for the uid in the system password file, /etc/passwd. The gid is a group name or a group ID if there is no entry for the gid in the system group file, /etc/group. The perm is a three character string composed of the let- ters representing the separate discretionary access rights: r (read), w (write), x (execute/search), or the place holder character -. The perm is displayed in the following order: rwx. If a permission is not granted by an ACL entry, the place holder character appears. If you use the chmod(1) command to change the file group owner permissions on a file with ACL entries, both the file group owner permis- sions and the ACL mask are changed to the new permissions. Be aware that the new ACL mask permissions may change the effective permissions for additional users and groups who have ACL entries on the file. In order to indicate that the ACL mask restricts an ACL entry, getfacl displays an additional tab character, pound sign (#), and the actual permissions granted, following the entry. EXAMPLES
Example 1: Displaying file information Given file foo, with an ACL six entries long, the command host% getfacl foo would print: # file: foo # owner: shea # group: staff user::rwx user:spy:--- user:mookie:r-- group::r-- mask::rw- other::--- Example 2: Displaying information after chmod command Continue with the above example, after chmod 700 foo was issued: host% getfacl foo would print: # file: foo # owner: shea # group: staff user::rwx user:spy:--- user:mookie:r-- #effective:--- group::--- mask::--- other::--- Example 3: Displaying information when ACL contains default entries Given directory doo, with an ACL containing default entries, the command host% getfacl -d doo would print: # file: doo # owner: shea # group: staff default:user::rwx default:user:spy:--- default:user:mookie:r-- default:group::r-- default:mask::--- default:other::--- FILES
/etc/passwd system password file /etc/group group file ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsu | +-----------------------------+-----------------------------+ |Interface Stability |Evolving | +-----------------------------+-----------------------------+ SEE ALSO
chmod(1), ls(1), setfacl(1), acl(2), aclsort(3SEC), group(4), passwd(4), attributes(5) NOTES
The output from getfacl is in the correct format for input to the setfacl -f command. If the output from getfacl is redirected to a file, the file may be used as input to setfacl. In this way, a user may easily assign one file's ACL to another file. SunOS 5.10 5 Nov 1994 getfacl(1)