Recently I was going through some chmod manipulations and found the umask values to be 0002 by default in Fedora 11 distro. What I knew about the default values to be 022. I don't know whether this is a kernel modification in this distro or my system is in compromise(I doubt for the latter option, but not confirmed).
View 4 RepliesI want to set permissions to a folder as rwx-r-x-r-x in such a way that whenever a new file or folder is created under it, it will automatically inherit the parent folders default permissions.So,what I need to do know, do I have to change the umask value??
View 5 Replies View RelatedHow to change Umask value permanently for all user in Red hat Version
View 1 Replies View RelatedAccording to the man page, the "recent" match of iptables accepts certain parameters (e.g. "ip_list_tot"). I'd like to change the values of some of them.
All the solutions found on the web were about changing parameters for module, but my kernel was compiled without modules support (such that it can be used for installation booting as well).
How can I change the match parameters for my non-modular kernel ?
I think I've messed my SELinux boolean values. How to restore default boolean values?
Modified boolean values are stored in
Code:
/etc/selinux/targeted/modules/active/booleans.local
Can I just delete the file and reboot to get the defaults?
I have logged in with root user
My systems Umask value was 0022.
Code:
So i decided to change it to 0077 and observe the system for some time. so i edited /etc/profile and added
Code:
at the end of file
rebooted the machine.
But the umask is still showing as 0022
After the first attempt is failed I tried changing it using below command.
Code:
Validated it.
Code:
rebooted the machine but the umask is still showing 0022
So at last i have to modify /etc/bashrc file and add umask 077 at the end of the file.
How would i make it in general for all(Even for non-root user) and not just for bash prompt.
My Debian system has by default umask permissions of 0022, which I never liked. One user can read all the files of another seems very insecure to me.
I am planing to set it to 007, so that user and group have rw but all others have none.
Are there any side effects to that? I have noticed from a trial I did where I was changing permissions on the filesystem that some system stuff in the OS does not work anymore, if "others" have no read permission anymore, so that is why I am asking.
And why are chmod / umask permissions sometimes stated as 4 digits? What is this "all" group in the end? Isn't that already covered by "others"?
Does anyone have a solution for cron file permissions. I need them to be automatically generated 640, right not I believe they are 0644. Could I add a umask varible to the syslog.conf file to set the umask for cron generated files? Or is there a better way to do this. I am speaking only of logs generated by root.
View 1 Replies View RelatedI have a daemon running as a local user account on my red hat box. The problem is the daemon creates directories using a umask of 022. I need group write access to the directories the daemon is creating. I need the daemon to use a umask of 002. I've edited the daemons startup script in /etc/init.d I've changed the umask in the /etc/init.d/functions file. I've added the line "umask 002" in the user's ~/.bashrc and ~/.bash_profile files. I've also setup /etc/bashrc to assign all users a 002 umask (just for kicks)
View 3 Replies View RelatedI have 2 Oracle users that generate .tmp files under /var/tmp. By default, the files have the permissions 644. Now, a need has arisen whereby the files created by these users have to have the permission bits as 664. Obviously, I changed the UMASK value for these users from 022 to 02. But the files are still getting created with 644 as the permission.
I tried restarting the application as I read that a relogin is required for the UMASK change to take effect. Even that hasn't helped.
I'm setting up an application server for a small organization using Ubuntu 10.04 and LTSP. We built a machine with a quad core Athlon II, got a Gigabit swtich, and a couple Gigabit ethernet cards. I burned gPXE into a couple EPROMs and turned their old PIII and Duron systems into thin clients.
So far so good.
Now, I'm trying to set up a shared directory that two users in the same group can both read and write. Let's call it "/home/shared". I want to set UMASK to 007, so that by default, files are created readable and writable by user and group, with no permissions for anybody else. I changed a line in "/etc/profile" from "umask 022" to "umask 007". After rebooting the app server, the umask does appear to be 007 when you log in at the console. However, it doesn't seem to affect the terminals.
So I figured I needed to change it in "/opt/ltsp/i386/etc/profile". vi helped me out with that. Didn't make a difference in the terminals. Ok, I need to rebuild the image, so I did an "ltsp-update-image" and rebooted the terminal. umask is still 022. ???
I changed UMASK in "/opt/ltsp/i386/etc/login.defs" and rebuilt the image. No change. ??? I really don't understand why this isn't working.
How can I change the UMASK for users who log in on an LTSP terminal?
I've decided to move this question into a new thread since i haven't received an answer for 3 days. This question was originaly posted here: [URL]... I've already searched in google, however i wasn't able to find an answer that solves my problem... How can i change the umask on a per user basis so that each user can have its own umask to fit his needs? For example: I have four accounts on my system ex.
admin1 : admin,
admin2 : admin,
manager : stuff,
user : user,
-So now I want everything from the admin group to be by default set to 002 (so that every user that is in the admins group can have a full share (-rwx rwx r--) of everything that is created by the admins).
-Then the similar to the above managers shoud have 022 umask.
-And each of the regular users should have 002 or 022 or 077 it is up to the users choice.
I hope that i have provided enough info thorough the example.
I have ext3 partition mounted on /mnt/shared/ as follows
Code:
Permissions above are of the actual mounted fs.
Goal is to have all files created on the fs
1) to belong to group 'users'
2) to have this groups permissions set to rw (rwx for directories) so that all users who belong to group 'users' have full read/write access to data and everyone else to have only read access.
Now because of setgid bit (s) in group permissions every file created has group 'users' and additionally setgid bit is set for directories. Because every users umask by default (on my system) is set to 0022 all created files will have permissions 644 for ordinary files and 755 for directories.
Net result of above means that users A and B who both belong to group 'users' won't be able to modify files created by the other.
So how can I make files created on the fs to be created always with umask 0002 WITHOUT changing default umask for users that is used elsewhere (like in their home directory) ?
I have several directories, each owned by root and a group of the same name,By setting the sgid bit, I made sure that newly created files and directories are owned by the correct group, and that directories have the sgid bit set too.On each newly created directory or file, the permissions are set to 755. This is because this is the default umask, and I cannot change a users umask. I actually only want files created below a particular directory to have group write access, inheriting this behaviour to newly created directories properly.I'm not on samba or NFS, I have to do this for SSH users.The filesystem is ext3.I started to fool around with ACLs, but couldn't find what I was looking for.
View 3 Replies View RelatedI'm looking for a program that will add cookies to my web browser (firefox or chrome, preferably). The application would ask me for the Cookie's:Name
Content
Domain
Path
Send For (type of connection)
Expiration Date
If no one knows of an application that does this, does anyone know what files i could manually edit in order to change a particular browser's cookie values?
Not sure if this is the right place to ask this question. In Solaris we have umask (shell builtin) and /usr/bin/umask. However I could not find /usr/bin/umask in Linux.
I want to know the difference between both and how can we achieve the functionality of /usr/bin/umask in Linux as its not there...
I've been searching for the answer to my question for quite some time on google, no luck. Due to my searchings I've become very familiar with nice and renice.
I have a script I use for launching a game installed with wine. I cannot/wont run this game as root but I need to be able to use nice --7. As of now I can't I -- ofc -- get "permission denied"..
So how do I make the full range of niceness ( [-19;20] IIRC ) available for all users on my system -- or even just for 1 user?
im on ubuntu, and i was trying to change the settings under System->preference->network proxy
When i click apply system wide, it asks me for my root password wich i provide and then it asks me for this other password, with this message: Privileges are required to change gconf system values. What is this? is there a way around it?
I ran two scans in Zenmap: 1) Quick scan plus and 2) Quick Traceroute. Quick scan plus, under the Nmap Output tab, has a field called "Network Distance". The Quick Traceroute report under the same tab lists the HOP and RTT time. I was thinking that for a given server, the value for the Network Distance would be the same as the HOP field when initiating the scans from the same server, but they are not.
View 5 Replies View RelatedMy question is about TCP parameters in Linux. By now, I want to change the default values of:
Initial Timeout
ACK Delay
Idle Connection Timeout
I have a Linux Box with kernel 2.6.x and 2 ethernet interfaces. I know TCP is a stack that doesn't have anything to do with ethernet devices. Said that, the question: is there a way to set custom values for each interface? For example, a server listening to connections in eth0 would use one value for Idle Connection Timeout and another server listening to connections in eth1 could use a different value for that parameter.
We are trying to implement a firewall as kernel module through netfilter hooking (in C). In the following code we are allowing only TCP traffic. Source port number and destination port number are printed for every TCP packet. On execution, this code prints wrong port numbers. This is the first time we are using skb_transport_header function for accessing tcp headers.
We verified port numbers being printed by firewall through NFS traffic. On the same machine where firewall is running, we hosted an NFS server. An NFS client (from a different system) puts a file in exported mount. Firewall is able to capture packets for this file transfer but port numbers printed are wrong. It prints '69' for source portnumber (whereas ethereal capture shows it as 790) and prints '553231' for destination port (whereas for nfs version 4 it has to be 2049).
[Code]....
ok so im working on homework and im not understanding what my teacher is wanting me to do and i dont have time to email him seeing as he might not read it until tomorrow. so ill copy and paste and if anyone can better explain it,
2) Use the umask command to change your file creation mask such that,by default for new files and directories you create, no permissions are taken away from the 'user' (owner), write permissions are taken away from the 'group' (group owner), and all permissions (read, write and execute) are taken away from 'other'. Take a screenshot of your terminal window showing the results of this step.
3) Use the touch command to create a new file called testfile. Use the ls command to display the contents of your current directory in long mode. Take a screenshot of your terminal window showing the results of this step. Ensure that the directory listing for testfile is completely visible in your screenshot.
4) Use the chown command to change the user associated with testfile (the owner) to cint201. Take a screenshot of your terminal window showing the results of this step.
5) Use the chgrp command to change the the group associated with testfile (the group owner) to users. Take a screenshot of your terminal window showing the results of this step.
6) Use the chmod command to change the permissions for testfile such that the 'user' (owner) permissions are set to read, write and execute, the 'group' (group owner) permission are set to read and execute, the 'other' permissions are set to grant neither read, write nor execute, and finally set the SUID bit for the file. Take a screenshot of your terminal window showing the results of this step.
7) Use the ls command to display the contents of your current directory in long mode. Take a screenshot of your terminal window showing the results of this step. Ensure that the directory listing for testfile is completely visible in your screenshot.
i try to copy file music .oog .wav from Music folder to /usr/share/sounds/freedesktop/stereo but i can't and in folder /stereo i can't manage rename ,cut ,move to trash for all file .ogg when i right click at file to look Properties > at permissions i saw owner : root can not change these permissions
that 's i not understand about owner . and how i can change these permissions ?
I want to change the password complexity how do i do this?
View 9 Replies View RelatedI would like to know how to change the uname -a result in my server, i mean if the attacker upload a phpshell in any website for my customer, how could i have a fake uname -a for him?
View 7 Replies View RelatedDear Friends, For Upload a Web Site in my Local Fedora using Apache I need to use the /var/www/html folder.But I cant add/edit anything on html folder
View 3 Replies View RelatedI'm trying to change that:
Code:
modprobe ipt_recent ip_list_tot=500
But it's not work Can I change menually in /sys/module/xt_recent/parameters/ip_list_tot Or there is other way
How to change the passphrase for crypted partitions in F14?
View 1 Replies View RelatedI have a problem with my fedora workstation.I am trying to change my ldap user password through passwd command.When I first create the user on ldap server, I use md5 and create the user password.This is the entry:
Code:
dn: uid=boo,ou=People,dc=linux,dc=gettolandia,dc=org
uid: boo
[code]....
I receive messages such as the below:
SELinux is preventing /usr/sbin/httpd from using potentially mislabeled filesjk-runtime-status. SELinux has denied the httpd access to potentially mislabeled filesjk-runtime-status. This means that SELinux will not allow httpd to use these files. If httpd should be allowed this access to these files you should change the file context to one of the following types, httpd_tmp_t,
I know how to change the owner of a file and the permissions but what does it mean to change the file context?