×
UNIX.COM Login
Username:
Password:  
Show Password






👤


UNIX for Beginners Questions & Answers

If you're not sure where to post a Unix or Linux question, post it here. All unix and Linux beginners welcome in this forum!

Setting write permission for particular user

👤 Login to reply
 
Thread Tools Search this Thread Display Modes
    #1  
Old 10-04-2017
arunkumar_mca arunkumar_mca is offline
Registered User
 
Join Date: Oct 2004
Last Activity: 22 June 2018, 11:25 AM EDT
Posts: 416
Thanks: 81
Thanked 2 Times in 2 Posts
Setting write permission for particular user

Hi All,


We have a scenario in production where we want only one user from a group to modify the file. The file is not set to write permission for application manager.

Code:
-r--r--r-- 1 amgr u00 15661716 Aug 30 00:06 DCI.dat

So here amgr will have permission to edit the file. We want a "ftpuser1" to get write permission for the file also we dont want the user "ftpuser1" to elivate the permission to amgr.

I see by setting SUID we can set that. What I read is it will make all user that are in group where "ftpuser1" is on will get the write permission
Sponsored Links
    #2  
Old 10-04-2017
RudiC RudiC is offline Forum Staff  
Moderator
 
Join Date: Jul 2012
Last Activity: 17 July 2018, 3:29 PM EDT
Location: Aachen, Germany
Posts: 13,065
Thanks: 449
Thanked 4,013 Times in 3,690 Posts
I'm not sure I fully understand, esp. if ftpuser1 is a user or a group, so a few comments here:
- I don't see amgr permitted to edit the file - would need write permission as well.
- SUID won't modify any permissions on a data file (which I conclude from the "extension"), but will modify the UID of the process running a command (for every user running it) so it might access files with the user's (amgr's) ID.
- assigning ftpuser1 to group u00 might help given not too many users are in the u00 group and group access will be extended.
The Following User Says Thank You to RudiC For This Useful Post:
arunkumar_mca (10-04-2017)
Sponsored Links
    #3  
Old 10-04-2017
arunkumar_mca arunkumar_mca is offline
Registered User
 
Join Date: Oct 2004
Last Activity: 22 June 2018, 11:25 AM EDT
Posts: 416
Thanks: 81
Thanked 2 Times in 2 Posts
ftpuser1 is a user. Below is the directory where the file is in. The directory has all permission to amgr believe that is the reason amgr has write permission

Code:
drwxr-xr-x 2 amgr u00 16384 Sep  6 14:47 reference

ftpuser1 cannot be added to u00 group as u00 is having the read permission. We need ftpuser1 to have write permission
    #4  
Old 10-04-2017
Corona688 Corona688 is offline Forum Staff  
Mead Rotor
 
Join Date: Aug 2005
Last Activity: 17 July 2018, 11:41 AM EDT
Location: Saskatchewan
Posts: 22,724
Thanks: 1,193
Thanked 4,350 Times in 4,005 Posts
You could make the file belong to ftpuser1 perhaps.
Sponsored Links
    #5  
Old 10-04-2017
arunkumar_mca arunkumar_mca is offline
Registered User
 
Join Date: Oct 2004
Last Activity: 22 June 2018, 11:25 AM EDT
Posts: 416
Thanks: 81
Thanked 2 Times in 2 Posts
You mean to make the file owner as the ftpuser1 . As per our configuration manager structure they want all the files to owned by amgr. ALso ftpuser1 cannot be added to amgr
Sponsored Links
    #6  
Old 10-04-2017
hicksd8 hicksd8 is offline Forum Staff  
Moderator
 
Join Date: Feb 2012
Last Activity: 17 July 2018, 2:33 PM EDT
Location: Devon, UK
Posts: 1,919
Thanks: 290
Thanked 513 Times in 432 Posts
Phew! I've read this many times and I'm not sure that I understand either. Anyway,

Is there a reason why you can't create a separate group for write access users and set the file group setting to that group with rights ='rw'
So the file has group <newgroup> with 'rw' rights. ftpuser1 is also in group <newgroup> so gets 'rw' rights to the file.
(Remember that a user can be a member of more than one group.)

Unless you're worried about who can read the file you can give the world read rights. World='r'.

Therefore, ftpuser1 is (perhaps) the only member of a new group which can read/write the file (modify).

If you want a user to be able to write (and I mean create the file) then they'll need write access to the directory above (and there are various ways you can do that too).

Perhaps you need to explain things to us all a bit more.

Last edited by hicksd8; 10-04-2017 at 12:49 PM..
The Following 2 Users Say Thank You to hicksd8 For This Useful Post:
arunkumar_mca (10-04-2017), rbatte1 (10-04-2017)
Sponsored Links
    #7  
Old 10-04-2017
rbatte1 rbatte1 is offline Forum Staff  
Root armed
 
Join Date: Jun 2007
Last Activity: 17 July 2018, 11:37 AM EDT
Location: Lancashire, UK
Posts: 3,586
Thanks: 1,594
Thanked 706 Times in 633 Posts
It's getting complicated because we don't know what other users you have.

The suggestion from hicksd8 to have a new group is a good one.

How does the file arrive? If it is created by amgr, then amgr would also need to be in the group. A simple chgrp newgroup DCI.dat should then suffice. The account amgr already has write permission so that should not be an issue. Name your new group something sensible so you know what it is for and don't abuse it.


An alternate may be to use Access Control Lists (ACLs) but they are OS dependant and may not be recovered if you restore a file. What OS and version are you using? If the suggestion above does not help, I@m sure we can work something out.



Kind regards,
Robin
The Following 2 Users Say Thank You to rbatte1 For This Useful Post:
arunkumar_mca (10-04-2017), Corona688 (10-04-2017)
Sponsored Links
👤 Login to reply

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Allow user without dir write permission to execute a script that creates files waavman UNIX for Advanced & Expert Users 14 01-08-2014 05:54 PM
Apache write permission issues to another user owned directory rakeshkumar Web Programming 2 10-18-2013 02:03 AM
search any user files with write permission michlix Shell Programming and Scripting 1 01-12-2012 10:52 PM
write permission to a perticular user to a directory siba.s.nayak Shell Programming and Scripting 1 09-04-2009 08:37 PM
Find all files with group read OR group write OR user write permission shunter63 Shell Programming and Scripting 5 01-14-2009 12:06 PM



All times are GMT -4. The time now is 09:17 PM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.