Setting write permission for particular user

 
Thread Tools Search this Thread
# 1  
Old 10-04-2017
Setting write permission for particular user

Hi All,


We have a scenario in production where we want only one user from a group to modify the file. The file is not set to write permission for application manager.

Code:
-r--r--r-- 1 amgr u00 15661716 Aug 30 00:06 DCI.dat

So here amgr will have permission to edit the file. We want a "ftpuser1" to get write permission for the file also we dont want the user "ftpuser1" to elivate the permission to amgr.

I see by setting SUID we can set that. What I read is it will make all user that are in group where "ftpuser1" is on will get the write permission
# 2  
Old 10-04-2017
I'm not sure I fully understand, esp. if ftpuser1 is a user or a group, so a few comments here:
- I don't see amgr permitted to edit the file - would need write permission as well.
- SUID won't modify any permissions on a data file (which I conclude from the "extension"), but will modify the UID of the process running a command (for every user running it) so it might access files with the user's (amgr's) ID.
- assigning ftpuser1 to group u00 might help given not too many users are in the u00 group and group access will be extended.
This User Gave Thanks to RudiC For This Post:
arunkumar_mca (10-04-2017)
# 3  
Old 10-04-2017
ftpuser1 is a user. Below is the directory where the file is in. The directory has all permission to amgr believe that is the reason amgr has write permission

Code:
drwxr-xr-x 2 amgr u00 16384 Sep  6 14:47 reference

ftpuser1 cannot be added to u00 group as u00 is having the read permission. We need ftpuser1 to have write permission
# 4  
Old 10-04-2017
You could make the file belong to ftpuser1 perhaps.
# 5  
Old 10-04-2017
You mean to make the file owner as the ftpuser1 . As per our configuration manager structure they want all the files to owned by amgr. ALso ftpuser1 cannot be added to amgr
# 6  
Old 10-04-2017
Phew! I've read this many times and I'm not sure that I understand either. Anyway,

Is there a reason why you can't create a separate group for write access users and set the file group setting to that group with rights ='rw'
So the file has group <newgroup> with 'rw' rights. ftpuser1 is also in group <newgroup> so gets 'rw' rights to the file.
(Remember that a user can be a member of more than one group.)

Unless you're worried about who can read the file you can give the world read rights. World='r'.

Therefore, ftpuser1 is (perhaps) the only member of a new group which can read/write the file (modify).

If you want a user to be able to write (and I mean create the file) then they'll need write access to the directory above (and there are various ways you can do that too).

Perhaps you need to explain things to us all a bit more.

Last edited by hicksd8; 10-04-2017 at 01:49 PM..
These 2 Users Gave Thanks to hicksd8 For This Post:
arunkumar_mca (10-04-2017) rbatte1 (10-04-2017)
# 7  
Old 10-04-2017
It's getting complicated because we don't know what other users you have.

The suggestion from hicksd8 to have a new group is a good one.

How does the file arrive? If it is created by amgr, then amgr would also need to be in the group. A simple chgrp newgroup DCI.dat should then suffice. The account amgr already has write permission so that should not be an issue. Name your new group something sensible so you know what it is for and don't abuse it.


An alternate may be to use Access Control Lists (ACLs) but they are OS dependant and may not be recovered if you restore a file. What OS and version are you using? If the suggestion above does not help, I@m sure we can work something out.



Kind regards,
Robin
These 2 Users Gave Thanks to rbatte1 For This Post:
arunkumar_mca (10-04-2017) Corona688 (10-04-2017)

|
Thread Tools Search this Thread
Search this Thread:
Advanced Search

More UNIX and Linux Forum Topics You Might Find Helpful
Giving read write permission to user for specific directories and sub directories. blinkingdan Solaris 1 06-11-2018 10:07 AM
Assign read write permission to the user for specific dir and it's sub dir and files in AIX blinkingdan AIX 0 06-11-2018 05:02 AM
SE Linux write permission denied rochitsharma Red Hat 4 10-15-2015 11:44 AM
Allow user without dir write permission to execute a script that creates files waavman UNIX for Advanced & Expert Users 14 01-08-2014 06:54 PM
Apache write permission issues to another user owned directory rakeshkumar Web Programming 2 10-18-2013 03:03 AM
Is there a difference between setting a user as nologin and setting it as a role? os2mac Solaris 1 09-12-2013 08:27 AM
useradd w/o write permission on /etc/passwd guruprasadpr Red Hat 3 01-25-2012 04:14 PM
search any user files with write permission michlix Shell Programming and Scripting 1 01-12-2012 11:52 PM
Write permission for USB device snorkack59 Debian 6 08-08-2011 11:10 PM
Need to remove Group write permission . pinga123 UNIX for Dummies Questions & Answers 1 10-22-2010 08:00 AM
write permission to a perticular user to a directory siba.s.nayak Shell Programming and Scripting 1 09-04-2009 09:37 PM
Find all files with group read OR group write OR user write permission shunter63 Shell Programming and Scripting 5 01-14-2009 01:06 PM
sftp - permission setting check jansat Shell Programming and Scripting 3 05-22-2008 10:02 PM
Turning on write-permission in Debian? riwa Debian 3 04-04-2006 10:51 AM