On RedHat 5 64-bit.I have a group that requires read-only access to the /var directory.I believe someone mentioned SGID and ACL stuff, and I've been researching this solution, but I wanted to check with you all first to ensure there wasn't an easier way to do this. Basically, I just need folks that belong in this certain group to read the contains of any file/directory contained within /var.
View 5 RepliesI am trying to setup a Rsync backup method.I have multiple files and folders all OWNED by different users.Now I can read the files as root.But I want to make a user for RSYNC that can ONLY read all these files for copying them across.It requires to create a non password login and I dont want to do that with the root user ! I have tried to create a new user and use 'setfacl':setfacl -m u:someuser:r /var/test.But when I su to 'someuser' I cannot copy the files to my homedir. So I think it wont work for rsync also.
View 8 Replies View RelatedI am trying to set up an ampache server using apache as the webserver. The instructions have the following line as one of the requirments: Your webserver has read access to the /sql/ampache.sql file and the /config/ampache.cfg.php.dist file..I have essentially zero experience with apache, and I'm not sure how to grant read access to a file.
View 1 Replies View RelatedWe are aware that unix has three sets of permission such as owner, group and others. I have a requirement to have a read-only access to a folder and sub-folders and the group that currently holds can't be used. Because it has write privileges. I would rather not prefer to use others, because it opens to each user in the system.have read-only access for another group?
View 1 Replies View RelatedCode:
# Create a directory, and user, assign ownership of dir to that user and usergroup.
sudo mkdir /mysecureddir
sudo useradd mysecureduser
sudo chown mysecureduser:mysecureduser /mysecureddir
[code].....
I've read some similar issues dealing with apache, but its still not clicking for me. Group has rwx access to directory and everything in it. I'm in the group.
I have a directory that needs to be owned by nginx user and I need to access it via other users in order to add/edit/delete files in it. So I created a group called www and added both then chgrp -R on the directory. However I am still getting a "unavailable to access no permissions" sort of error in my SSH/SCP/what ever you want to call Mac's Transmit.
ls -a output
drwxr----- 3 nginx www 4096 Jul 17 23:56 nginx
I have a log server that collects logs from all the cisco devices on our network.he company policy states that any logs should only be accessible by root. So I have the following permissions set on the directory, as well as everything inside the directory where the cisco logs are kept.
Code:
drwx------ 65 root root 4096 Apr 29 7:38 rsyslog
The cisco folks are requesting access to these logs, which is allowed by company policy.
[code]...
i want /mydata to be read/write by the web server. What group and user showld i use?
View 2 Replies View RelatedCurrently, I must sudo tcpflow -i lo as root user, I want to grant the lo interface and TCP port range 3000-3999 of all interfaces to user1, how to do that?
View 1 Replies View RelatedI'm using Kubuntu 10.04 at the moment. Every time I log in, KDE Wallet asks me to give a password so that Kopete can access my login password to login. Is there any way you can 'grant permission' to access the wallet for certain applications so that I don't have to fill in my password every time?
View 9 Replies View RelatedI'm having troubles with a download and I need permissions for the conig files and to have write-access to your ~/.loki/ directory and all sub directories. Does anyone know how to do this?
View 4 Replies View RelatedI have wicd 1.6.1 (bzr-r426) and it is working very good with my root user but with all those which have not the root rights wicd asks for superuser password to connect. I want to avoid this pop-up window to be shown, how can I proceed? I first thought about the sid and gid but it seems that there is no improvements using chmod 4755 and 2755 on the different files involved in.
View 2 Replies View RelatedI have a JavaCL program trying to open a port on 41xxx and it is getting permission denied unless I run it as root. I would like to grant a single user this permission for opening this port. This program runs fine on a vanilla ubuntu install but not on server. Where does Ubuntu handle user permissions for opening ports?I understand this is typically a no-no on a server but this is an unusual circumstance.
View 1 Replies View RelatedIs there any way to grant access to non root users to use some commands like reboot and date and some other commands that root user can work with .I tried chmod on their binaries and added them to root group but nothing happened.
View 5 Replies View RelatedI'm running a server using CentOS 5 x64 I want to disable access of groups to "bin" folder so they cannot execute commands. [info: actually because of a bug in cPanel (the control panel I installed) Perl will give access to all hosting users to execute commands.] so what i wanna do is to ban some groups on 'bin' folder, for example 'my_group1' and 'my_group2" cannot access bin but 'my_trusted_group' can access it.
View 1 Replies View RelatedIs there a way, on Linux, to cause all new files created in a directory to be owned by the directory's group instead of the creating user's group?
View 2 Replies View RelatedI got this error message when installing Fedora 11 by an installlation DVD (download from [URL]) Unable to read group information from repositories. This is a problem with the generation of your install tree. This error message appeared after the step that the installer asked me to choose where to install boot loader and configure the GRUB boot menu. The error message came with two button: [Retry] and [Exit installer].
View 8 Replies View RelatedI am trying to dual boot Vista and F10 and I have 2 different 400GB hard drives to do it on. On the first HD, I have Vista installed but when I try to install F10 on the second, I get this error message:
Quote: Error: Unable to read group information from repositories. this is a problem with the generation of your install tree. I've looked it up and found some forums but none answer how to "fix" it (if it is indeed something that you fix).
I'm doing a Kickstart install of Fedora 11 with a DVD ISO as the installation source and the ks.cfg file in the root folder of the DVD. The error message I get is: "Unable to read group information from repositories. This is a problem with the generation of your install tree."
View 3 Replies View RelatedI am using this command: Code: sed -i 's?,$HTTP_USER_AGENT,?,$HTTP_USER_AGENT."\nFile: ".__FILE__."\nLine: ".__LINE__,?g' *.php to modify a line in my php files. I want to do this recursively from the directory I am in. but I get this message in response: sed: can't read *.php: No such file or directory sed version is 4.1.2. It's important that I only change *.php files, and do so recursively.
View 1 Replies View RelatedNot sure what the problem is, but my home directory or /home partition is acting up so that I cannot see the hidden directories in my home directory.
If I type "ls" I get the display of all my files and directories.
If I type "ls -l" I get the display of files and directories.
If I type "ls -a" or "ls -la", the terminal hangs.
Any thoughts? I have tried creating myself a new account and moved all my files over, then changed the ownerships to the new account. However, now the new account is acting the same way.
Long time reader, first time poster. I've got, what has become to me, a brain bender. It seems ACL's are the best way to go, but I am not 100% sure. Each user should be able to create files and modify each others'files, but should not be able to delete any one elses files in a directory.chmod -1777?setfacl?
View 2 Replies View RelatedWhat I want to be able to do, is have create a group, for example called "group1" and set its default permissions to read & write, instead of the usual just read.
So when I add a user into "group1" they automatically have read & write access to all files & directories which is in "group1".
Oh & I use crunchbang 10 (statler) for my desktops & Ubuntu 11.04 for my NFS/print/SSH/etc/etc server
I have a file the owner is root:root ( mode is 644 ), I want to release read & write permission to a non root user ( eg. admin_usr ), I tried to create a specific group ( eg. ADM ) and release it to root user and admin_usr ( by adding this users to ADM in /etc/group ) , but it is not work, if preserve the file mode to 644 , is it ok? how to do it if I want to have read & write permission in my case ?
View 5 Replies View RelatedOn opening nautilus,it shows the XP ad Fedora partitions.Clicking on them mounts the partition.However,XP partitions are mounted in Read/write mode,whereas Fedora partition is mounted only in Read mode.What changes should i need to make in /etc/fstab to enable Read/Write access to Fedora partition as well?
View 9 Replies View RelatedAnybody know how to make an ext3 or 4 partition start up at boot with only the owner and its group having read and write access permissions.I don't want 'others' to have folder access. This is what i have done. / etc/fstab:/dev/sdb5/media/Data ext4 owner 1 2 The folder starts on the boot since it has been allocated a folder as u can see. Next i changed the the ownership and the group ownership of the folder:chown johnny:johnny /media/DataThe problem is that other users can few my partition since 'others' have read access. How do i change that to zero access?
View 1 Replies View RelatedWe currently have a NFS shared Directory mounted as read-only on our server.This directory contains multiple sub-directories and files. It being read-only is a equirement. Now, we need a directory underneath to be read-write. Is there a graceful way to make that happen? Like a special mount option to use? Basically objective is: /u01 is mounted as read-only and has 3 directories: dir1, dir2, dir3 dir3 has 2 sub-directories- sub1,sub2/u01/dir3/sub2 needs to be read-write, while all other are read-only.
View 2 Replies View RelatedI am trying to setup my webserver and I am trying to make a website to run under suexec but somehow I cannot start my apache it directly fails and SELinux is giving me errors and don't really know what to do with it, it is giving me some command to type but not sure if this will make my server less secure. The SELinux error is as follow:
Code:
Summary:
SELinux prevented httpd reading and writing access to http files.
Detailed Description:
SELinux prevented httpd reading and writing access to http files. Ordinarily httpd is allowed full access to all files labeled with http file context. This machine has a tightened security policy with the httpd_unified turned off, this requires explicit labeling of all files. If a file is a cgi script it needs to be labeled with httpd_TYPE_script_exec_t in order to be executed. If it is read-only content, it needs to be labeled httpd_TYPE_content_t, it is writable content. it needs to be labeled httpd_TYPE_script_rw_t or httpd_TYPE_script_ra_t. You can use the chcon command to change these contexts. Please refer to the man page "man httpd_selinux" or FAQ [URL] "TYPE" refers to one of "sys", "user" or "staff" or potentially other script types.
Allowing Access:
Changing the "httpd_unified" boolean to true will allow this access: "setsebool
-P httpd_unified=1"
Fix Command:
setsebool -P httpd_unified=1
I will write down how I did setup my server so maybe you can see a mistake I did. First I changed my Apache httpd.conf I added the following to it:
Code:
NameVirtualHost 192.168.1.2:80
<VirtualHost 192.168.1.2:80>
ServerName localhost
DocumentRoot /var/www/html
DirectoryIndex index.html index.html index.shtml index.php
</VirtualHost>
<VirtualHost 192.168.1.2:80>
SuexecUserGroup ulyaoth ulyaoth
ServerAdmin webmaster@ulyaoth.org
ServerName test.ulyaoth.org
DocumentRoot /var/www/ulyaoth/www/html
ErrorLog /var/www/ulyaoth/logs/error_log
CustomLog /var/www/ulyaoth/logs/access_log common
DirectoryIndex index.html index.htm index.shtml index.php
ScriptAlias /cgi-bin/ /var/www/ulyaoth/www/cgi-bin/
<Directory /var/www/ulyaoth/www/cgi-bin/>
AllowOverride none
Order allow,deny
Allow from all
Options +execCGI
AddHandler cgi-script .cgi .pl
</Directory>
</VirtualHost>
Then I created the username "ulyaoth" with the group "ulyaoth" as I specified with my suexec, then I created all the directories as specified in my httpd.conf and "chown ulyaoth:ulyaoth (dirname)" them to the right group and username.
How do you configure FC11 to grant full control to the tigerVNC session. I cannot do any software updates, update vsftp through the GUI and add different software.
There are probably more things.
I can do this from the local console but I want to run two systems headless and use my three monitors on a single system that I manage them from.
$ whoami
meder
$ cd /var/www
$ sudo mkdir html
$ sudo groupadd web
$ sudo usermod -a -G web meder
$ sudo usermod -a -G web medertest
$ sudo chown meder:web html
$ sudo chmod -R g+rwx html
The problem is, anytime I create a new file in /var/www/html even though the group is set to web, it is only writable by the original user. I was given the advice of setting the umask to be 002 because the default is what causes the problems. But I would have to do this for all users in that group, and as far as I know it would be tedious having all of them modify ~/.bashrc to have umask 002. Even if I can do it myself with a shell command for all of those users, it still seems too tedious.