assign permissions
hi guys
I had 10 users and 3 linux servers they are normal users I need to assign read access to these 1o users to /opt /var /usr how can I accomplish that without going user by user? any idea? should this command work? well for me is not working chmod -R o+r /var after that user cannot access /var anymore |
Ensure that your users belong to the same group.
If you don't have a regular users group create one: Code:
groupadd users Code:
gpasswd -a users username1 Code:
find /directory -type d -exec chmod g+xr-w {} \; Code:
find /directory -type f -exec chmod g+r {} \; Do that at your own risk. <edit> changed an error -type d to -type f on the files section </edit> |
I think the command is
chmod -R o+r * so I need to be in the folder /var before |
You're going to need the 'x' perm on the dirs as well; it means search/access on a dir, not 'execute' http://linux.die.net/man/1/chmod
|
Quote:
Also by only adding +r to all files you are not giving read access to directories. Was there something in my reply that you didn't understand??? PS: Quote:
|
really sorry I posted without updating the post so I never saw your answer
so it's going to be Code:
groupadd normalreaduser Code:
gpasswd -a normalreaduser user1 Code:
find /var -type d -exec chmod g+xr-w {} \; Why could be risky to add read access to /var and /usr? I was thinking I needed to specify the group name somewhere |
Quote:
Quote:
PS: Your users may also already belong to a group, so check the groups and their users in /etc/groups |
Quote:
Changing file permissions on system files it's something that you should be careful. Some programs depend on specific file permissions, and do not function properly (or at all) if you change the permissions. |
got your point but I was working and let the windows opened when I did some test about chmod and posted after posting found your answer.
well so far I got users like this some they below to their own group so I need to create a new group Code:
uid=508(lorenzo) gid=508(lorenzo) groups=508(lorenzo) I get this error Code:
[root@node02 ~]# groupadd testgroup Code:
[root@node02 ~]# usermod -a -G testgroup user1 |
sorry my bad.
it's gpasswd -a user group On unix when in doubt use: Code:
command --help in Unix there's usually several ways of doing something. An alternative way is to edit the /etc/groups directly |
ammorais thanks a lot for your help and the other guys
BTW ammorais yes it's not a good practice AT ALL for instance in /usr/ we got some APPs that could not word If I assign read to ALL thanks a lot I am going to check this request to be completely sure |
by the way guys
I am thinking about this for instance I have a directory which owner is root:root is there any way like in windows 2003 to assign another group (which includes my 10 users) and give to that group read permissions? basically I wanna know if a directory can be manage by different groups. This is because during this journey I got a directory which owner was something different that root so I used (apache_group) Code:
usermod -a -G apache_group user1 Code:
usermod -a -G root user1 any idea? |
I totality forgot that you must assign the directory's group.
Code:
chgrp users /directory In Unix each file can only have one user and one group. What you want is Access Control List. Have a look here to see how to work with it. Also I suggest you have a look at Role-based access control implementations. Currently they are supported by grsecurity and SELinux. |
Quote:
thanks a lot for all that info I think I am going to have some to thing this weekend :rolleyes: |
Quote:
You're welcome. Good luck. |
All times are GMT -5. The time now is 07:05 AM. |