LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-16-2009, 10:55 AM   #16
kopper27
Member
 
Registered: Nov 2009
Posts: 147

Original Poster
Rep: Reputation: 16

ammorais

2 more questions if you have some time

I was checking the ACL and founf this in order to have it working

Code:
mount -o remount,acl /home
for example if it were / instead of home of the other I told /var /usr
doing that mount will impact users or applications? I mean do I have to schedule a downtime for that mount command

second

even using this granularity permission strategy (ACL) would still risky to assign read permissions to those folders???

sorry for this I am pretty newbie
 
Old 11-16-2009, 12:57 PM   #17
kopper27
Member
 
Registered: Nov 2009
Posts: 147

Original Poster
Rep: Reputation: 16
thinking this over

it is the same I mean adding normal R permissions or using setfacl.... so I either need to read about Role-based access control or explain to my customer why changing to R it's no a good idea at all
 
Old 11-16-2009, 06:04 PM   #18
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
Think about this; normally, the default perms on /var, /opt are correct. Think about what you are trying to accomplish, do you really need to mess with them?

If you want an area where people can share files, then the usual approach is

1. create newuser, newgrp
2. create the home dir for newuser, newgroup
3. chmod g+s newgrp newdir
4. add newgrp to reqd users as a 2ndary group

If(!) you need to go into even more fine-grained ctrl, then add ACLs to the above.
Note that the

mount -o remount,acl /newdir

can be done on the fly, ie no reboot reqd. See also tune2fs eg

tune2fs -l |grep options

will show if acls are already turned on.
http://linux.die.net/man/8/tune2fs

HTH

Why exactly would you want to mess with /var, /opt?
 
Old 11-17-2009, 12:12 AM   #19
kopper27
Member
 
Registered: Nov 2009
Posts: 147

Original Poster
Rep: Reputation: 16
thanks for the info

just a question what do you mean by chmod
Code:
g+s newgrp newdir
I mean that does the s mean

yeah just a customer who is asking that and I already told him but needs more info why this can not be done

basically I need the path where they want to have read access
so I have to check them and see what I can do

thanks a lot
 
Old 11-17-2009, 12:22 AM   #20
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
chmod g+s newgrp newdir

add sgid (set group id) of newdir 'permissions' to newgrp; basically forces all files created therein to have group ownership of newgrp, regardless of creator's grpid.
http://linux.die.net/man/1/chmod

eg
rwxrwx--- becomes rwxrws---

HTH
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Assign a value mierdatuti Programming 4 12-31-2008 02:50 PM
How To Assign an Appropriate Seperator tugce_zehra Programming 4 12-10-2008 04:16 PM
cannot assign write permissions to sda1 flygirl Linux - Newbie 2 08-26-2007 12:14 AM
Any way to automatically assign permissions?? andpol Linux - Newbie 2 05-14-2007 12:01 PM
assign static ip allelopath Linux - Software 1 04-27-2005 08:04 PM


All times are GMT -5. The time now is 03:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration