|
|
Sponsored Content
Top Forums
UNIX for Beginners Questions & Answers
Asking about the permission inherit from the parent directory
Post 303041078 by vbe on Thursday 14th of November 2019 04:01:40 AM
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi, I'm new to unix -solaris.
I've just upgraded a third party software product and am testing
it to see if new files created in a test database directory were being created properly and they aren't. They're owned by the user that created the file, instead of poppa and the group of their files... (2 Replies)
Discussion started by: avisb
2 Replies
2. UNIX for Dummies Questions & Answers
In our file system, the SGID for a directory is set right now. Any new files created in this directory will automatically be assigned the same group from the parent directory.
Is there a way to inherit the file permission from the parent directory as well? The OS is Solaris 2.8.
Example:... (1 Reply)
Discussion started by: april
1 Replies
3. Solaris
Hi All,
I have an issue that's eating my head for few days. I would appreciate if anyone could help me out in this to resolve this.
In Solaris 8 container I am facing the below issue.
As oracle user when I do ls -l in /dboracle mountpoint getting permission denied error messages.
$ ls... (3 Replies)
Discussion started by: Sreerag446
3 Replies
4. Shell Programming and Scripting
In shell how would I get the parent directory of a file. E.g. I feed this in:
/path/to/textfile.txt
And get just:
/path/to
Thanks (2 Replies)
Discussion started by: pcwiz
2 Replies
5. UNIX for Dummies Questions & Answers
Is there anyway i can cd to the parent directory of my current directory without using .. entries? (6 Replies)
Discussion started by: linux17
6 Replies
6. UNIX for Dummies Questions & Answers
Hi there,
I want to restrict a users account to only a subdirectory, but it does not seem to be working.
For example
/dir1/dir2/dir3/dir4
user A is only allowed to do things in dir4. the permission is 777.
i've set the permissions to 700 on dir3, dir2, and dir1 to prevent them from... (3 Replies)
Discussion started by: newbie121
3 Replies
7. UNIX for Dummies Questions & Answers
does anyone know how to check in an 'if' statement if a particular directory is a child directory of a particular directory?
help ~ (2 Replies)
Discussion started by: ymc1g11
2 Replies
8. Shell Programming and Scripting
Hi folks,
I have an query that is let say i have to search in an xml file an tag that is <abcdef> now this xml file is at /opt/usr/local so one fastest way to achieve this is go to this location by cd /opt/usr/local and then do grep like this... grep -i abcdef but for this I must know the... (4 Replies)
Discussion started by: punpun66
4 Replies
9. AIX
Hi.
My example:
I have a filesystem /log. Everyday, log files are copied to /log. I'd like to set owner and permission for files and directories in /log like that
chown -R log_adm /log/*
chmod -R 544 /log/*It's OK, but just at that time. When a new log file or new directory is created in /log,... (8 Replies)
Discussion started by: bobochacha29
8 Replies
10. UNIX for Beginners Questions & Answers
Asking about the permission inherit from the parent directory
I am running the web app with tomcat8, I did use umask 007 to set permission for folder which enable the sub files and folder inherit the permission from the parent directory, I was successful which some directories but the directories... (2 Replies)
Discussion started by: janecaongoc
2 Replies
LEARN ABOUT CENTOS
avc_add_callback
avc_add_callback(3) SELinux API documentation avc_add_callback(3) NAME
avc_add_callback - additional event notification for SELinux userspace object managers SYNOPSIS
#include <selinux/selinux.h> #include <selinux/avc.h> int avc_add_callback(int (*callback)(uint32_t event, security_id_t ssid, security_id_t tsid, security_class_t tclass, access_vector_t perms, access_vector_t *out_retained), uint32_t events, security_id_t ssid, security_id_t tsid, security_class_t tclass, access_vector_t perms); DESCRIPTION
avc_add_callback() is used to register callback functions on security events. The purpose of this functionality is to allow userspace object managers to take additional action when a policy change, usually a policy reload, causes permissions to be granted or revoked. events is the bitwise-or of security events on which to register the callback; see SECURITY EVENTS below. ssid, tsid, tclass, and perms specify the source and target SID's, target class, and specific permissions that the callback wishes to moni- tor. The special symbol SECSID_WILD may be passed as the source or target and will cause any SID to match. callback is the callback function provided by the userspace object manager. The event argument indicates the security event which occured; the remaining arguments are interpreted according to the event as described below. The return value of the callback should be zero on suc- cess, -1 on error with errno set appropriately (but see RETURN VALUE below). SECURITY EVENTS
In all cases below, ssid and/or tsid may be set to SECSID_WILD, indicating that the change applies to all source and/or target SID's. Unless otherwise indicated, the out_retained parameter is unused. AVC_CALLBACK_GRANT Previously denied permissions are now granted for ssid, tsid with respect to tclass. perms indicates the permissions to grant. AVC_CALLBACK_TRY_REVOKE Previously granted permissions are now conditionally revoked for ssid, tsid with respect to tclass. perms indicates the permissions to revoke. The callback should set out_retained to the subset of perms which are retained as migrated permissions. Note that out_retained is ignored if the callback returns -1. AVC_CALLBACK_REVOKE Previously granted permissions are now unconditionally revoked for ssid, tsid with respect to tclass. perms indicates the permis- sions to revoke. AVC_CALLBACK_RESET Indicates that the cache was flushed. The SID, class, and permission arguments are unused and are set to NULL. AVC_CALLBACK_AUDITALLOW_ENABLE The permissions given by perms should now be audited when granted for ssid, tsid with respect to tclass. AVC_CALLBACK_AUDITALLOW_DISABLE The permissions given by perms should no longer be audited when granted for ssid, tsid with respect to tclass. AVC_CALLBACK_AUDITDENY_ENABLE The permissions given by perms should now be audited when denied for ssid, tsid with respect to tclass. AVC_CALLBACK_AUDITDENY_DISABLE The permissions given by perms should no longer be audited when denied for ssid, tsid with respect to tclass. RETURN VALUE
On success, avc_add_callback() returns zero. On error, -1 is returned and errno is set appropriately. A return value of -1 from a callback is interpreted as a failed policy operation. If such a return value is encountered, all remaining callbacks registered on the event are called. In threaded mode, the netlink handler thread may then terminate and cause the userspace AVC to return EINVAL on all further permission checks until avc_destroy(3) is called. In non-threaded mode, the permission check on which the error occurred will return -1 and the value of errno encountered to the caller. In both cases, a log message is produced and the kernel may be notified of the error. ERRORS
ENOMEM An attempt to allocate memory failed. NOTES
If the userspace AVC is running in threaded mode, callbacks registered via avc_add_callback() may be executed in the context of the netlink handler thread. This will likely introduce synchronization issues requiring the use of locks. See avc_init(3). Support for dynamic revocation and retained permissions is mostly unimplemented in the SELinux kernel module. The only security event that currently gets excercised is AVC_CALLBACK_RESET. AUTHOR
Eamon Walsh <ewalsh@tycho.nsa.gov> SEE ALSO
avc_init(3), avc_has_perm(3), avc_context_to_sid(3), avc_cache_stats(3), security_compute_av(3) selinux(8) 9 June 2004 avc_add_callback(3)