Printing the user and group info Post: 303040557

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Find all files with group read OR group write OR user write permission

I need to find all the files that have group Read or Write permission or files that have user write permission. This is what I have so far: find . -exec ls -l {} \; | awk '/-...rw..w./ {print $1 " " $3 " " $4 " " $9}' It shows me all files where group read = true, group write = true...

2. Solaris

Secondary group info source

Experts, I know when I use id it shows only the primary group information for the given user, and that info comes from passwd file. When I use groups it shows all groups user are member of, however from where come information given by groups command? grep fmtt3990 /etc/passwd...

3. Shell Programming and Scripting

Help on capturing /etc/group info.....!!

Gurus I am trying to capture all the data in /etc/group file in a CSV ,thru a fingerprinting engine. For hosts having ,unique group names and Ids ,following code works fine. Trouble starts when on a host,there are multiple groups defined with same name and id. e.g One of my hosts has 8...

4. Shell Programming and Scripting

Update LDIF User info based on Test User Certs ID's

Hi I need help.......... I have an Sun One Directory server LDIF file with 5000 user entries, I need to change the data to match Test ID's, so I can run a perf test. I'm way out of my league as I have not done any scripting for 10 years. There are four entries for each user in the file...

5. Ubuntu

Create New User with the same group nd privileges of the other user

Hi, Anyone can help me on how to duplicate privileges and group for useroradb01 to userrootdb01. I have currently using "useroradb01" and create a newly user "userrootdb01". I want both in the sames privileges and group. Please see the existing users list below; drwxr-xr-x 53 useroradb01...

6. Shell Programming and Scripting

need a one liner to grep a group info from /etc/group and use that result to search passwd file

/etc/group tiadm::345:mk789,po312,jo343,ju454,ko453,yx879,iy345,hn453 bin::2:root,daemon sys::3:root,bin,adm adm::4:root,daemon uucp::5:root /etc/passwd mk789:x:234:1::/export/home/dummy:/bin/sh po312:x:234:1::/export/home/dummy:/bin/sh ju454:x:234:1::/export/home/dummy:/bin/sh...

7. Red Hat

Samba/Winbind issue - Can't get user and group info from sub domains

Hi, We now have a Samba or Winbind issue. The Linux client under RHEL6 can not get Windows' AD sub-domain info. See the following output please. The main domain 'Global' is shown online, but the sub-domain 'Europe' and 'Asia' are shown offline although they are online. Commands 'wbinfo -u' and...

8. Red Hat

User is a Part of a Group But Group Details Do Not Show the User

Hi, In the following output you can see the the user "richard" is a member on the team/group "developers": # id richard uid=10247(richard) gid=100361(developers) groups=100361(developers),10053(testers) but in the following details of the said group (developers), the said user...

9. Shell Programming and Scripting

Printing more info than find command gives out

Hi, I am trying to find files that are more than a gig with this command find . -size +1073741823c and it just gives me the names of the files. How do i get it to give me the actual size of the files too? ---------- Post updated at 09:41 AM ---------- Previous update was at 09:37 AM...

LEARN ABOUT DEBIAN

jifty::manual::accesscontrol

Jifty::Manual::AccessControl(3pm)			User Contributed Perl Documentation			 Jifty::Manual::AccessControl(3pm)

NAME

       Jifty::Manual::AccessControl - Using Jifty's default ACL system

DESCRIPTION

       Out of the box Jifty-based applications have an ACL system.  The system automatically validates ACLs on Jifty::Record objects by calling
       the method "current_user_can" before any create, read, update, or delete operation.  In all cases, the arguments passed to the CRUD
       operation are passed as extra arguments to "current_user_can".

       On "create()", we reject the operation if "current_user_can('create')" returns FALSE.

       On "_value()" or "somefieldname", we reject the operation if "current_user_can('read')" returns false.

       On "_set()" or "set_somefieldname", we reject the operation if "current_user_can('update')" returns false.

       On "delete()", we reject the operation if "current_user_can('delete')" returns false.

       Out of the box, "current_user_can" returns 1. When you want to actually check ACLs, you'll need to override "current_user_can()" in your
       "Jifty::Record" subclass.

       It's likely that at some point, you'll decide you want to ask other questions on certain types of operations.  Say, you only want to let
       administrators update the "paid_account" field. In that case, you'd override "check_update_rights()" to look for the "admin" right rather
       than the "update" right, if the "FIELD" is "paid_account".

ENABLING ACCESS CONTROL USING THE USER PLUGIN

       To painlessly enable the AccessControl subsystem, a User plugin is available with an authentication plugin, the "Authentication::Password"
       plugin may get enabled. This is done in the etc/config.yml configuration file.

	   Plugins:
	     - Authentication::Password: {}

       Then, create an "App::Model::User" class that will be override with "Jifty::Plugin::User::Mixin::Model::User" and an authentication plugin
       "Jifty::Plugin::Authentication::Password::Mixin::Model::User" , for example:

	   use strict;
	   use warnings;

	   package App::Model::User;

	   use Jifty::DBI::Schema;

	   use App::Record schema {
	   };

	   use Jifty::Plugin::User::Mixin::Model::User;
	   use Jifty::Plugin::Authentication::Password::Mixin::Model::User;

	   # Your model-specific methods go here.

	   1;

       Next, create the table in your database using the jifty executable like "./bin/jifty schema --setup".

   Expanding the Model
       The model that manages "User" Records is not limited to the plugin's definition. It can be expanded by providing an additional schema
       definition. Every column here will be added to the plugin's columns. Simply add a schema definition block like this:

	   use Jifty::DBI::Schema;
	   use App::Record schema {
	       column 'extra_column_name';

	       column 'mygroup' =>
		      valid_values are qw/admin moderator user/,
		      default is 'user';

	       # more columns if necessary
	   };

       The full syntax for defining a schema can be found in Jifty::Manual::Models or in Jifty::DBI::Schema.

       If you want to manage an admin group, you must protect the group column as only a superuser can change it.  Then, you override
       "current_user_can" in "App::Model::User"

	   sub current_user_can {
	       my $self = shift;
	       my $type = shift;
	       my %args = (@_);

	       return 0
		   if ( $type eq 'update'
		       and !$self->current_user->is_superuser
		       and $args{'column'} eq 'mygroup' );

	       return 1;
	   }

       Defining a method "_init" in your "App::CurrentUser" class gives you a chance to add more data to the "CurrentUser" object. This method
       will automatically get called after the Plugin's "_init" is done.

	   package App::CurrentUser;

	   use strict;
	   use warnings;

	   use base qw(Jifty::CurrentUser);

	   __PACKAGE__->mk_accessors(qw(group));

	   sub _init {
	       my $self = shift;
	       my %args = (@_);

	       if (keys %args) {
		   $self->user_object(App::Model::User->new(current_user => $self));
		   $self->user_object->load_by_cols(%args);

		   if ( $self->user_object->mygroup eq 'admin') {
		       $self->is_superuser(1);
		   };

		   $self->group($self->user_object->mygroup);
	       };
	       $self->SUPER::_init(%args);
	   };

       With your "App::CurrentUser", users in group admin are superuser and you can use "Jifty->web->current_user->group" in your application.

   Templates defined by the "Authentication::Password" plugin
       To avoid the need for repetitive work, the "Authentication::Password" plugin already defines a couple of usable templates:

       /login
	   provides a login screen with a signup option. After successful login, the current continuation is called. If no continuation exists,
	   the template sitting at the base URL (/) is called.

       /logout
	   logs out the current user.

       /signup
	   allows a user to sign up himself/herself. By default a confirmation mail is sent out that has to get followed by the user.

       /passwordreminder
	   after entering his/her mail address, the user will receive a mail that contains a link to /let/reset_lost_password.

       /let/confirm_email
	   is called in the mail and results in accepting the user.

       /let/reset_lost_password
	   enabled by the /passwordreminder template, this template allows a user to reenter a password for future use.

   Doing checks at other places in your code
       If you need to check more than Model-based record operations you will have to do some coding on your own. "Jifty->web->current_user"
       provides a "App::CurrentUser" object that can get queried about the current user.  This object provides some convenience methods:

       "username"
	   returns the name of the current user or "undef" if not logged in.

       "id"
	   returns the id of the current user or "undef" if not logged in.

SEE ALSO

       Jifty::CurrentUser, Jifty::Record, Jifty::RightsFrom, Jifty::Plugin::Authentication::Ldap, Jifty::Plugin::Authentication::CAS

perl v5.14.2							    2010-12-08					 Jifty::Manual::AccessControl(3pm)