11-21-2019
Bottom line is you can't prevent root from either doing something on a system or at least acquire the means to do it (as with chattr and similar mechanisms) and do it then. This is necessary because without this amount of freedom root would not be able to function as the systems ultimate administration account.
The usual remedy if you want some file(-space) to be protected from roots tampering is to put it off the server: create an NFS share on some remote server, mount it where you want to be protected from roots access and adjust the rights accordingly. This is the common way of i.e. protecting logs from possible tampering.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there a way to tell what files/scripts are writing/wrote to a given directory? (3 Replies)
Discussion started by: hattorihanzo
3 Replies
2. Shell Programming and Scripting
I have to do a directory clean up on several machines. The task is as follows:
go to a particular directory (cd /xxx)
1. create a directory ' SCRIPTCLEANUP ' ( i KNOW IT)
loop through
2. List the directory
3. if directory and start with 'DQA' leave it,
4. if directory or file move it to... (0 Replies)
Discussion started by: ajaya
0 Replies
3. UNIX for Dummies Questions & Answers
Hello,
I just want to ask the following use of find command:
1. how can I find files only to the current directory?
2. how can I find files to directories and all subdiretories (are this include soft links?) but will not go to other mountpoints that is under that mountpoint.
Im combining... (1 Reply)
Discussion started by: james_falco
1 Replies
4. Shell Programming and Scripting
Hi,
Has anyone tried to restrict Solaris 10 unix find on a large directory structure based on time to stop running after finding the first occurrence of a matching query. Basically I'm trying to build up a usage map of user workspaces based on file modification (week/month/3 months/year etc) and... (3 Replies)
Discussion started by: jm0221
3 Replies
5. UNIX for Dummies Questions & Answers
hai,
I am new to Unix, I have a requirement to display owner name , directory or sub directory name, who's owner name is not equal to "oasitqtc".
(here "oasitqtc" is the owner of the directory or sub directory.)
i have a command (below) which will display all folders and sub folders, but i... (6 Replies)
Discussion started by: gagan4599
6 Replies
6. Shell Programming and Scripting
I am trying to write a script that once executed it will search within a directory and copy only the newest directory that has not been copied before to a new location. Kind of like what ROBOCOPY /M does in windows?
The directories are not left in the new location so using a sync action won't... (2 Replies)
Discussion started by: Keriderf
2 Replies
7. Shell Programming and Scripting
Need shell script to:
1/keep polling a directory "receive_dir" irrespective of having files or no files in it.
2/move the files over to another directory "send_dir".
3/the script should only stop polling upon a file "stopfile" get moved to "receive_dir". Thanks !!
My script:
until
do... (0 Replies)
Discussion started by: iaav
0 Replies
8. What is on Your Mind?
Please, I beg you, “Stop!” Yes, stop writing scripts and instead build workflows.
Programmers, Sys-Admins, System Support, I'm talking to you.
Ok, I know in this community I'm going to get some serious backlash for my statements but I truly believe in my statement.
There was a time when... (13 Replies)
Discussion started by: mikemazz
13 Replies
9. UNIX for Dummies Questions & Answers
I know that this basic question has been asked many times and solutions all over the internet, but none of the are working for me. I have a directory in the root directory, named "-p".
# ls -l /
total 198
<snip>
drwxr-xr-x 4 root root 4096 Dec 3 14:18 opt
drwxr-xr-x 2 root ... (2 Replies)
Discussion started by: edstevens
2 Replies
10. Solaris
Hello,
I've just started using a Solaris machine with SunOS 5.10.
After the machine is turned on, I open a Console window and at the prompt, if I execute a pwd command, it tells me I'm at my home directory (someone configured "myuser" as default user after init).
... (2 Replies)
Discussion started by: egyassun
2 Replies
LEARN ABOUT SUNOS
dfshares_nfs
dfshares_nfs(1M) System Administration Commands dfshares_nfs(1M)
NAME
dfshares_nfs - list available NFS resources from remote systems
SYNOPSIS
dfshares [ -F nfs] [-h] [server...]
DESCRIPTION
dfshares provides information about resources available to the host through NFS. The -F flag may be omitted if NFS is the first file sys-
tem type listed in the file /etc/dfs/fstypes.
The query may be restricted to the output of resources available from one or more servers.
dfshares without arguments displays all resources shared on the local system, regardless of file system type.
Specifying server displays information about the resources shared by each server. Server can be any system on the network. If no server
is specified, then server is assumed to be the local system.
The output of dfshares consists of an optional header line (suppressed with the -h flag) followed by a list of lines containing whitespace-
separated fields. For each resource, the fields are:
resource server access transport
where
resource Specifies the resource name that must be given to the mount(1M) command.
server Specifies the system that is making the resource available.
access Specifies the access permissions granted to the client systems; however, dfshares cannot determine this information
for an NFS resource and populates the field with a hyphen (-).
transport Specifies the transport provider over which the resource is shared; however, dfshares cannot determine this information
for an NFS resource and populates the field with a hyphen (-).
A field may be null. Each null field is indicated by a hyphen (-) unless the remainder of the fields on the line are also null; in which
case, the hyphen may be omitted.
OPTIONS
-F nfs Specify the NFS file system type
-h Suppress header line in output.
FILES
/etc/dfs/fstypes
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWnfscu |
+-----------------------------+-----------------------------+
SEE ALSO
mount(1M), share(1M), unshare(1M), attributes(5)
SunOS 5.10 6 Nov 2000 dfshares_nfs(1M)