General :: Allow Two Groups To Access A Directory?
Mar 2, 2010
I am in need of a rather complicated permissions scheme for particular directory. I have a directory /data I want the group developers to have read and execute access to this directory. Then, I want the group research to have read, execute, and WRITE permission for this directory. Now, I have a second directory /code which developers and research have full access to. And I have a third group, operations I want operations to be able to read /data but not be able to read /code Is this permissions scheme possible in linux?
View 1 Replies
ADVERTISEMENT
Feb 4, 2011
I already know of a work around to fix this problem, but I guess my question is why is this not working as expected? I am using a Windows Server 2008 R2 Active Directory for authentication.
I have run auth-client-config for the ldap profile and pam-auth-update. When running getent passwd, I get a list of both the local users and the users in the active directory (with populated information in the Unix schema extension). When running getent group I get a list of both the local groups and the groups in the active directory (with populated information in the Unix schema extension).
Interestingly enough, though, when I run su DOMAINUSER, after the prompt for the password I get an authentication error. In /var/log/auth.log I can see an entry with pam_ldap: missing "host" in file "/etc/ldap.conf". The SRV records in the DNS servers resolve correctly. I've checked this with nslookup and I have seen the records within my zone file. Obviously if the ldap.conf file is working with getent and the ldap server is resolving from the SRV records, it is working fine.
The interesting part is that the Windows Server 2008 R2 AD machine shows in the event viewer that there was a successful authentication, yet the Ubuntu box says no. When I add the host within the ldap.conf file, everything works...getent and the actual authentication, either initial login or su.
[Code]...
View 1 Replies
View Related
Jun 8, 2010
So i am at the stage of about to install the basic system and am using a derivation of the package management provided by Matthias S. Benkmann. To this end I am using his useradd and groupadd scripts to update the files:
/etc/passwd
/etc/group
My issue is that when I run the commands(created as part of temporary system when installing coreutils):
Code:
/tools/bin/su linux
#then as user
/tools/bin/groups
(here linux is the name of the user) This only returns the user being in the group named after user but not the additional group of 'install' Also, prior to logging in as user, if I use this command as root:
Code:
/tools/bin/groups linux
linux install This then returns that the user is in the correct groups. Lines from relevant files look like:
Code:
#/etc/passwd
linux:x:10000:10000::/usr/src/build:/bin/bash
#/etc/group
[code].....
View 8 Replies
View Related
Apr 21, 2010
The scenario is I have a Windows Server 2003 Domain Controller which runs ADUC. I have created some security groups which I would like to apply to my network shares. The problem is, the majority of my network shares are based on Open Suse machines which, although are part of the domain, when trying to configure the shares using SMB, do not allow me to select the Active Directory groups. Any solution which will allow me to use ADUC security groups?
View 3 Replies
View Related
Apr 13, 2010
I'm using Mac OS X's Terminal.app shell to compile and run Fortran programs. One such program resides outside of my home directory (it is in the Applications folder, which resides on my hard drive but seems to be outside of my home folder). How can I navigate into this directory using Terminal.app to run the programs that reside there?
View 7 Replies
View Related
Jan 17, 2010
Slackware 13 64 bit Hp Photosmart c4280 USB (All-in-one)
- Printer successfully configured using CUPS
- Scanner only works when I am Root.
- When trying to access scanner as user it says there is no scanner attached.
What should be the groups for this user in order to access the scanner? Actually, they are: haldaemon, disk, audio, video, cdrom, plugdev, power, scanner, lp. Below are the outputs for sane-find-scanner (as both root and user), although, since the scanner works well under root, I am almost sure it is a problem with setting permissions and groups.
Quote:
# sane-find-scanner
# sane-find-scanner will now attempt to detect your scanner. If the
# result is different from what you expected, first make sure your
# scanner is powered up and properly connected to your computer.
[code]....
View 2 Replies
View Related
Sep 15, 2009
Having set up many windows servers with complex permissions on shared folders, I now have to do the same in Linux (and I'm such a noob to Linux) I understand that each file/folder is assigned a user + group, and that the rights can be set for the user, the group and global (aka everybody else) My challenge is this, inside my shared folder there is a folder that should be RW to some users, READ ONLY to others, and not accessible at all to the rest of the users. (lets call the folder MyFolder ) All 3 groups have more than 1 user, so they have to be groups (right?) How would this model work in Linux ? If there is no other way, I guess I can nest the MyFolder in a folder that has permissions to allow all users that may access MyFolder, and block the rest, then on MyFolder, set owner group the RW users, and set global to READ ONLY.
Ps : The server I'm setting up runs Debian Lenny, files will be accessed from windows workstations using samba.
View 2 Replies
View Related
Feb 5, 2010
I am setting up a samba server to operate in a windows AD domain. I want to set permissions for multiple groups to have different levels of access to one group of files, and it looks to me like unix permissions will not do that? I always hear about how robust linux is, and it seems to me that their file permissions model is WEAK compared to microsoft's?
View 2 Replies
View Related
Oct 12, 2010
I am currently trying to set up a Samba domain server. In the Samba-HOWTO-Collection I found an
example file.(Point 3.3.3.1) In the explanations of the example below, the author says I need to map UNIX Groups to NT Groups. He writes a shell-script of how one could do it, but when I copy it and then execute it, I get the error:
Bad option: rid=512
Bad option: rid=513
Bad option: rid=514
The other groups do get mapped, just the Domain Admins, Domain Users and Domain Guests dont. This is the shell from the HOWTO:
#!/bin/bash
#### Shell-Skript f ̈r sp ̈tere Verwendung aufbewahren
net groupmap modify ntgroup="Domain Admins" unixgroup=ntadmins rid=512
net groupmap modify ntgroup="Domain Users" unixgroup=users rid=513
net groupmap modify ntgroup="Domain Guests" unixgroup=nobody rid=514
[Code]...
View 2 Replies
View Related
Jan 20, 2010
I grant read privilege to all the users to my .vimrc file . But my colleague still can't read my .vimrc file . I guess in addiction to give the read privilege to the .vimrc file, in some way I should give the person who want to read it the "access right" to my home directory first---which I don't know how to do it.
View 3 Replies
View Related
Dec 20, 2010
My better half spilled some coffee on her 8month old macbook and it decided not to work anymore. Apple says it will cost around $800 or more to fix, we wont be paying that, Ill be finding a logic board or service somewhere online now that our warranty is shot and going that route.But before I send the macbook off anywhere I need to pull some data off the HDD. I was able to plug the HDD into my Linux box(internally, I dont have an external enclosure). I was able to mount the drive and copy the directories I wanted to the HDD on my linuxbox.
But Im unable to to access the directory from the terminal or from the file browser, I get an access denied message. Because I know the username and password for the macbook is there a way I can use that to gain access to the directories?Google got me this far, but when I googled "access locked directory ubuntu" or any variation of that with the terms linux and osx thrown in there for good measure.
View 3 Replies
View Related
Apr 30, 2011
Code:
count=`ls *.php -l | wc -l`
if [ "$count" -ne "0" ]; then
mv *.php ~/Desktop/PHP
[code]....
With this code I am attempting to ensure a php file exists, then attempting to move it to another folder. My script has 40 or so extensions, this is one of many. My problem is this: if the current folder contains no php files i receive an error.
ls: cannot access *.php: No such file or directory
Typically I would use 2> /dev/null to handle output suppression but in this case it prevents the variable assignments.
View 5 Replies
View Related
Feb 26, 2011
I have a server running Ubuntu server edition with SMB server all set up and running. I've set up the main root of the drive to be shared and I've set up a user in /etc/samba/smbusers to say root = "joeflood" so I can sign in as root using the username "joeflood". This works and I have read/write access to the filesystem (yay!). However, if I browse to /home/javawag (my main user home directory), I no longer have write permissions! I can see all the files in there and read them no problem, but writing is a no-go. I'm logged in as root though?! Btw, I can login via SSH and create folders/etc as root in the /home/javawag folder, and they showed up in the SMB mount on my mac too.
View 1 Replies
View Related
Jun 18, 2011
I have a Virtual Private Server which I can connect to using SSH with my root account, being able to execute any linux command and access all the disk area, obviously.
I would like to create another user account, which would be able to access this server using SSH too, but only to a certain directory, for example /var/www/example.com/
For example, imagine this user has a HUGE error.log file (500 MB) located in /var/www/example.com/logs/error.log
When accessing this file using FTP, this user needs to download 500 MB to view the last lines of the log, but I'd like him to be able to execute something like this:
Therefore I need him to be able to access the server using SSH, but I don't want to grant him access to all server areas.
View 2 Replies
View Related
Jun 13, 2011
Code:
# Create a directory, and user, assign ownership of dir to that user and usergroup.
sudo mkdir /mysecureddir
sudo useradd mysecureduser
sudo chown mysecureduser:mysecureduser /mysecureddir
[code].....
I've read some similar issues dealing with apache, but its still not clicking for me. Group has rwx access to directory and everything in it. I'm in the group.
View 6 Replies
View Related
Oct 18, 2009
I have been following the steps mentioned at [URL] Now I want to add authentication through .htaccess.
View 1 Replies
View Related
Feb 11, 2011
I am not able to access the directory /usr/local. But when I do ls I am able to see it.
Code:
[root@indra ~]# ls -ld /usr/local
drwxr-xr-x 2 root root 0 Feb 9 12:11 /usr/local
[root@indra ~]# cd /usr/local
-bash: cd: /usr/local: No such file or directory
[root@indra ~]#
View 17 Replies
View Related
Mar 16, 2010
I ran into a bit of trouble making a bash script. (Desktop is a directory, and I try to get it's modification date)
Code:
lamp:~# cmd='ls -l Desktop | grep -o "....-..-.. ..:.."'
lamp:~# $cmd
ls: cannot access |: No such file or directory
ls: cannot access grep: No such file or directory
[code]....
When I type in the command directly, without using an inbetween variable, it works fine.
View 3 Replies
View Related
Feb 21, 2010
Recently I mounted a larger partition into my home directory since I was running out of space, Everything went smoothly, but it caused me to wonder about something I cant figure out. While playing with the mount unmount commands when I was copying everything over... before editing my fstab.
Is there a way to access the files that existed in a directory before you mount a partition to that directory? after mount the original files are gone.unmount and they are back, Where do they go?
View 3 Replies
View Related
Jul 18, 2011
I have a directory that needs to be owned by nginx user and I need to access it via other users in order to add/edit/delete files in it. So I created a group called www and added both then chgrp -R on the directory. However I am still getting a "unavailable to access no permissions" sort of error in my SSH/SCP/what ever you want to call Mac's Transmit.
ls -a output
drwxr----- 3 nginx www 4096 Jul 17 23:56 nginx
View 1 Replies
View Related
Jun 18, 2010
I configured FTP server on Fedora 7.0 . I create different users with different password. I also create seprate directory for each FTP user. All are working . When I use filezilla for connecting that FTP site I can access all the directory on that server.
Now I want to configure that no any FTP user can access other FTP users directory or any other directory in server machine . What I do for this .
View 1 Replies
View Related
Jun 17, 2011
What if two programs say ftpd and httpd need to acces the same directory? Any way to set context type of that directory to httpd_t and ftpd_t? What do you do in a case like this?
View 2 Replies
View Related
Feb 25, 2010
I have a centos 5.4 64-bit machine. I installed the directory server following those steps.
I then added some users using the Centos Management Consolecentos-idm-console -a http://localhost:3890 &
View 3 Replies
View Related
Aug 10, 2010
I need to give a user write access to /var/www and its subdirectories. The current directory permissions are as follows:rwx r-x r-x root root
I added the user to the root group but that didn't seem to help.I read I could chmod -R to change the access to write for the www directory and subdirectories but I don't want to change things and mess up the website. How can I give the user access to write to the www directory and subdirectories without messing anything up? Would changing the www directory group owner to his group cause an issue anywhere?
View 3 Replies
View Related
Jan 24, 2011
My home directory's permissions allow only myself access to it. Is it possible to put a file inside my home directory with.. say.. full permissions, and create a symlink to it so other users can access that file alone inside my home folder? System is Ubuntu Karmic.
View 2 Replies
View Related
Jan 28, 2010
I'm fairly new to Linux and very new to Squid and am having authentication issues! I am using Oracle Enterprise Linux (which is basically Red Hat without the branding) and wanting to use Squid Proxy Server for web access with authentication to Active Directory. I've found a number of articles about this online and all of them say to use auth program squid_ldap_conf which should be in /usr/lib/squid/. I don't have a squid directory in /usr/lib for starters and my squid binaries are in /etc/squid but there is no squid_ldap_conf in there either. I have installed the latest version of Squid (3.0) to see if that helped but I still cannot find the authorisation program.
View 3 Replies
View Related
Nov 4, 2009
I'm using my Linux (SLES 10) server as a File Server at this point. I need to set File Permissions to nested folders differently to different groups. For example:
homesharedengineering* should be read only for groupA
homesharedengineeringadmin should be read & write for groupB Plus read only for groupA
homesharedengineeringautocad should be read & write for groupC Plus read only for groupA
I've been using Webmin and Putty to set permissions but Putty only allows me the Default Group, it won't allow me to set several groups on the same directory. Webmin seems to allow me to add multiple groups (Webmin --> Others --> File Manager --> Info & ACL tab will provide extended abilities) but when I add multiple groups, they don't seem to take effect? I'm wondering if my setup at the 'Share' level or at the hierarchy of my folder structure (unix based) needs to be set specifically?
View 1 Replies
View Related
Apr 21, 2011
Can't log into my XFCE desktop like I normaly do. all the sudden I get notified that my xsession lasted less then 10 secondsLooking at the error I can see this:
Unable to access file /home/username/.iceauthority: No such file or directory
Using failsafe I can start a terminal. From terminal I tried to start X
Code: sudo startx Result: Running on desplay:0
So I tried to run this;
Code: sudo startxfce4 And I get up a graphical desktop.
So this is not a critical situation as I easily can use this method to log on, but as there has been something causing this I would like to be able to resolve this nonetheless. Btw it is not the old chmod trick in play here, cause my .iceauthority file is gone alltogheter.
View 6 Replies
View Related
May 14, 2010
When login through root on HP-tru Unix server, I am trying to access a directory, it is saying "Permission Denied".. Also, an sh file is also not able to execute through same root access..I have checked the permission of the directory as well as for sh file through ls-ltr.. It is also fine.. Root System rwx-rwx-rwx--What could be the possible cause, and how to correct it..
View 1 Replies
View Related
Mar 8, 2010
I'm developing an application in which one user must run java software that I'm compiling as another user. I wanted to give user A permission to see the bin direcory of my workspace, which is in the home directory of user B. I was wondering how can this be done? I gave the bin direcotry full read/execute premissions, but since it's in my home directory user A can't navigate to it.
I know there are a few ways I could get around the problem but they arn't very elegant. I was wondering if there is a simple method for giving a user access to a specific directory without giving access to all the parent directories. I tried symbolic link but user A still can't access it, and a hard link to a directory isn't allowed in Linux. I don't feel like making a hard link to every single file in the bin directory, and I'm not sure that would work anyways, since every recompile overwrites them.
View 7 Replies
View Related