10-14-2005
Deleting a file requires write access to the directory that contains it.
8 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
Does anyone know if Redhat 7.2 allows for file access control lists as you can in Solaris ?
And if so, can you give me the basic command as I'm having trouble finding documentation on this.
Thanx (1 Reply)
Discussion started by: ianf
1 Replies
2. Filesystems, Disks and Memory
In Windows XP, there are 3 default access control groups namely: Administrators, Users and Power Users. Is there default access control groups in Unix system? If there is, what are they?
newbie. (1 Reply)
Discussion started by: zertoir
1 Replies
3. Shell Programming and Scripting
Hey all, I have a directory (own by user: b; group: grpB) which I want a user (user: a; group: grpA) to be able to read and execute from, I wonder if I should add user a to this particular directory's ACL or that I would add group grpB to user a's subgroup?
I would like to know the difference... (3 Replies)
Discussion started by: mpang_
3 Replies
4. UNIX for Dummies Questions & Answers
In OS like windows, I can define an Access Control List (ACL) and specify which accounts and groups have what access to a specific file.
I assume U*X, Linux and cygwin on windows have this ACL feature too. I'm using cygwin on windows. What do I type at a bash prompt to allow a specific user... (1 Reply)
Discussion started by: siegfried
1 Replies
5. UNIX for Dummies Questions & Answers
I need to control intenet access @ work. xample. I need PC 1 to only be able to access these five sites and add to the list as needed. Can anyone pint me a direction. (1 Reply)
Discussion started by: fruiz
1 Replies
6. AIX
Hello,
I've configurated a LDAP user authentication on AIX V6 against Active Directory (Windows Server 2008).
The Tree is built as follows:
test (DC)
|--- testgroup (group with members: user1, user2)
|
|--- sys1 (OU)
| |--- sys1group (group with member: user1)
|
|--- sys2 (OU)... (0 Replies)
Discussion started by: xia777
0 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I am using eTrust Access Control at work. I have got no output after type checklogin. I wonder what is the reason. Does anyone know? Thanks
eTrustAC selang v8.00a-1555.13 - eTrustAC command line interpreter
Copyright (c) 2006 CA. All rights reserved.
eTrustAC> checklogin user1... (0 Replies)
Discussion started by: uuontario
0 Replies
8. Proxy Server
Dear all experts here,
:)
I would like to install a proxy server on Linux server to perform solely to control the access of Web server.
In this case, some of my vendor asked me to try Squid and I have installed it onto my Linux server.
I would like know how can I set the configuration to... (1 Reply)
Discussion started by: kwliew999
1 Replies
LEARN ABOUT SUSE
ftpd_selinux
ftpd_selinux(8) ftpd SELinux policy documentation ftpd_selinux(8)
NAME
ftpd_selinux - Security-Enhanced Linux policy for ftp daemons.
DESCRIPTION
Security-Enhanced Linux provides security for ftp daemons via flexible mandatory access control.
FILE_CONTEXTS
SELinux requires files to have a file type. File types may be specified with semanage and are restored with restorecon. Policy governs the
access that daemons have to files.
Allow ftp servers to read the /var/ftp directory by adding the public_content_t file type to the directory and by restoring the file type.
semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"
restorecon -F -R -v /var/ftp
Allow ftp servers to read and write /var/tmp/incoming by adding the public_content_rw_t type to the directory and by restoring the file
type. This also requires the allow_ftpd_anon_write boolean to be set.
semanage fcontext -a -t public_content_rw_t "/var/ftp/incoming(/.*)?"
restorecon -F -R -v /var/ftp/incoming
BOOLEANS
SELinux policy is based on least privilege required and may also be customizable by setting a boolean with setsebool.
Allow ftp servers to read and write files with the public_content_rw_t file type.
setsebool -P allow_ftpd_anon_write on
Allow ftp servers to read or write files in the user home directories.
setsebool -P ftp_home_dir on
Allow ftp servers to read or write all files on the system.
setsebool -P allow_ftpd_full_access on
Allow ftp servers to use cifs for public file transfer services.
setsebool -P allow_ftpd_use_cifs on
Allow ftp servers to use nfs for public file transfer services.
setsebool -P allow_ftpd_use_nfs on
system-config-selinux is a GUI tool available to customize SELinux policy settings.
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO
selinux(8), ftpd(8), setsebool(8), semanage(8), restorecon(8)
dwalsh@redhat.com 17 Jan 2005 ftpd_selinux(8)