|
|
Sponsored Content
Special Forums
Hardware
Filesystems, Disks and Memory
Access Control
Post 40536 by zertoir on Wednesday 17th of September 2003 01:16:50 PM
09-17-2003
|
|
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
I was wondering if someone could help me with ACL's. I have a file, say output, created by the root user, member of group other. Its permissions are rwxr--r--. I want only people in group other to have rwx access, but I also want one other user, stephen, member of some_other_group to have rwx... (1 Reply)
Discussion started by: sroberts82
1 Replies
2. Shell Programming and Scripting
Hey all, I have a directory (own by user: b; group: grpB) which I want a user (user: a; group: grpA) to be able to read and execute from, I wonder if I should add user a to this particular directory's ACL or that I would add group grpB to user a's subgroup?
I would like to know the difference... (3 Replies)
Discussion started by: mpang_
3 Replies
3. Solaris
Hi,
I want to set access control list on folders but it should be recursively,
any Idea? command (1 Reply)
Discussion started by: manoj.solaris
1 Replies
4. UNIX for Dummies Questions & Answers
In OS like windows, I can define an Access Control List (ACL) and specify which accounts and groups have what access to a specific file.
I assume U*X, Linux and cygwin on windows have this ACL feature too. I'm using cygwin on windows. What do I type at a bash prompt to allow a specific user... (1 Reply)
Discussion started by: siegfried
1 Replies
5. UNIX for Dummies Questions & Answers
I need to control intenet access @ work. xample. I need PC 1 to only be able to access these five sites and add to the list as needed. Can anyone pint me a direction. (1 Reply)
Discussion started by: fruiz
1 Replies
6. AIX
Hello,
I've configurated a LDAP user authentication on AIX V6 against Active Directory (Windows Server 2008).
The Tree is built as follows:
test (DC)
|--- testgroup (group with members: user1, user2)
|
|--- sys1 (OU)
| |--- sys1group (group with member: user1)
|
|--- sys2 (OU)... (0 Replies)
Discussion started by: xia777
0 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I am using eTrust Access Control at work. I have got no output after type checklogin. I wonder what is the reason. Does anyone know? Thanks
eTrustAC selang v8.00a-1555.13 - eTrustAC command line interpreter
Copyright (c) 2006 CA. All rights reserved.
eTrustAC> checklogin user1... (0 Replies)
Discussion started by: uuontario
0 Replies
8. Proxy Server
Dear all experts here,
:)
I would like to install a proxy server on Linux server to perform solely to control the access of Web server.
In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server.
I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies
LEARN ABOUT HPUX
chown
chown(2) System Calls Manual chown(2) NAME
chown(), fchown(), lchown() - change owner and group of a file SYNOPSIS
DESCRIPTION
The system call changes the user and group ownership of a file. path points to the path name of a file. sets the owner ID and group ID of the file to the numeric values contained in owner and group respectively. A value of or can be specified in owner or group to leave unchanged the file's owner ID or group ID, respectively. Note that owner and group should be less than (see limits(5)). The group ownership of a file can be changed to any group in the current process's access list or to the real or effective group ID of the current process. If privilege groups are supported and the user has the privilege, the file can be given to any group. If the path given to contains a symbolic link as the last element, this link is traversed and path name resolution continues. changes the owner and group of the symbolic link's target, rather than the owner and group of the link. The system call functions exactly like except that it operates on a file descriptor instead of a path name. fildes is a file descriptor. The system call sets the owner ID and group ID of the named file just as does, except in the case where the named file is a symbolic link. In this case, changes the owner and group of the symbolic link file itself. Access Control Lists - HFS File Systems Only A user can allow or deny specific individuals and groups access to a file by using the file's access control list (see acl(5)). When using in conjunction with HFS ACLs, if the new owner and/or group does not have an optional ACL entry corresponding to and/or in the file's access control list, the file's access permission bits remain unchanged. However, if the new owner and/or group is already designated by an optional ACL entry of and/or %.group, sets the file's permission bits (and the three basic ACL entries) to the permissions contained in that entry. Access Control Lists - JFS File Systems Only A user can allow or deny specific individuals and groups access to a file by using the file's access control list (see aclv(5)). When using in conjunction with JFS ACLs, if the new owner and/or group of a file have optional ACL entries corresponding to and/or in the file's access control list, those entries remain in the ACL but no longer have any effect, being superseded by the file's and/or entries. Security Restrictions Only processes with an effective user ID equal to the file owner or a user with the privilege can change the ownership of a file. If priv- ilege groups are supported, the owner of a file can change the ownership only as a member of a privilege group allowing as set up by the command (see setprivgrp(1M)). All users get the privilege by default. When a process changes the ownership or group of a file, the file system may clear the set-user-ID and set-group-ID bits. See privileges(5) for more information about privileged access on systems that support fine-grained privileges. RETURN VALUE
and return the following values: Successful completion. Failure. The owner and group of the file remain unchanged. is set to indicate the error. ERRORS
If or fails, is set to one of the following values: Search permission is denied on a component of the path prefix. path points outside the allocated address space of the process. The reliable detection of this error is implementation dependent. Too many symbolic links were encountered in translating path. A component of path exceeds bytes while is in effect, or path exceeds bytes. The file named by path does not exist. A component of the path prefix is not a directory. Either owner or group is greater than or equal to or is an illegal negative value. The effective user ID is not a user with privilege and one or more of the following conditions exist: o The effective user ID does not match the owner of the file. o When changing the owner of the file, the owner of the file is not a member of a privilege group allowing the priv- ilege. o When changing the group of the file, the owner of the file is not a member of a privilege group allowing the priv- ilege and the group number is not in the current process's access list. The named file resides on a read-only file system. If fails, is set to one of the following values: fildes is not a valid file descriptor. Either owner or group is greater than or equal to or is an illegal negative value. The effective user ID is not a user having privilege and one or more of the following conditions exist: o The effective user ID does not match the owner of the file. o When changing the owner of the file, the owner of the file is not a member of a privilege group allowing the priv- ilege. o When changing the group of the file, the owner of the file is not a member of a privilege group allowing the priv- ilege and the group number is not in the current process's access list. The named file resides on a read-only file system. AUTHOR
was developed by AT&T. was developed by the University of California, Berkeley. SEE ALSO
chown(1), setprivgrp(1M), chmod(2), setacl(2), acl(5), aclv(5), limits(5), privileges(5). STANDARDS CONFORMANCE
chown(2)