Server :: RHEL 5 - How To Set Permissions On Files / Folders
Jul 1, 2010
I am using RHEL 5 on my server. The client machines are windows XP.File sharing is through samba server which is working okay. On this file server there is a shared directory for users. This directory contains files which are used by various users through oracle APP. and DB server.
At present the folders under the "shared" folder are having all permissions i.e. 777. To restrict certain things, I want that users may read and modify the files but may not be in a position to move or delete the files. How to set the permissions on the folders/files in this scenario?
I have a Samba share set up on a SUSE server that about 30 Windows XP clients are connecting to on a daily basis. They connect using Winbind and their Active Directory usernames and passwords which are stored on a Windows small business server (Server 2003). The share is called "company" and it's right off the root of the partition. Within "company" there are about 75-100 folders, most of which need to be publicly available and publicly writeable. There are a few that need to be locked down to a certain group of people so I've used group membership and access control lists for those.
The permissions on new files/folders still aren't right though, so I'll just try to explain what I WANT rather than trying to resolve what is HAPPENING since I think that'll be easier. Currently the entire company directory and all subdirectories and files are user-owned by "administrator" (an active directory domain admin). I'd like new folders and files created anywhere in that directory or any subdirectory to maintain that ownership by administrator, regardless of who creates them.
Likewise, the entire directory and all subdirectories/files are group-owned by "domain users" (a builtin active directory group which is pulled in via winbind) which gives everyone write access to everything. I'd like that ownership to be maintained as well on any new files or folders created in /company or any subdirectory therein. I think this is working for the most part as I've set the setgid bit on company. I'd like any files or folders created in /company or any subdirectory therein to have 770 permissions (rwxrwx---).
So, what I want is regardless of who creates a file or folder anywhere in "company" - it should be owned by user "administrator" and group "domain users" and have 770 permissions. I'd like to make a little tweak to this post. Above I said I wanted anything created under Company to be created with group owner "domain users" - that actually only goes for anything that will be public. On the folders I have locked down via group membership and ACLs the new files/folders created within should maintain ownership of whatever group owns that directory. I should be able to do this by setting rwxrws--- permissions on secured directories.
I have a shared partition on Ubuntu, 'dm-6', if I create a new folder in it, it has 'teocomi' as owner.If I create the folder from another (windows) PC the owner is 'nobody' and from Ubuntu I have to chmod/chown it in oredr to edit its content...Is there a way to set automatically permission and owner for newly created folders and directories?
I've just read that I can't change the file permissions of files and folders if they are sitting in what was my old Windows D: drive. Is this correct? If so what is the work-around?
I don't want to have to cut and paste that entire D: drive's contents over to a recognised Ubuntu folder. I had in my mind that this D drive would continue to be my data dumping ground, to which I need read/write access to.
I want to add my daughter as a user and give her full permissions to all the same folders and files that I use. I have given her permission to folders and their sub folders however she doesn't have rwx on the individual files within the folders. What is the command line to set this up?
Also with the command;
Code: chown -R root:root files
what is the -R for and when do I need or not need it?
First off I want to apologize for the fact that the first several paragraphs go into something seemingly unrelated to the subject of this thread. However I want to be sure that those who choose to lend me a hand understand where I'm coming from and why I'm asking that question.I just recently switched from Windows Vista to Ubuntu 10.04. So far I've been loving it mostly. But their is one oddball thing I haven't been able to get working. That is a pair of shared folders located on my NTFS external drive connected via USB2.
The drive was automatically mounted on first boot and has full read/write access for owner (which is my username) right out of the gate. For this reason I assumed I would be good to do this.I've been unable to get it working in Ubuntu. As it stands now I've manually added them to smb.conf, added them to the Samba Server Configuration and finally by right clicking the folder in nautilus and choosing Sharing Options. All with varying resultsAt best it will show the shares under the computer but not allow access. I've also cleared out all of these for those folders to try them individually or in different orders. What I found was that using Sharing Options first gives this error and sets nothing up. But either of the other two will at least show the share albeit with no access.
Quote:'net usershare' returned error 255: net usershare add: cannot convert name "Everyone" to a SID. Invalid parameter.What I've discovered is that if I use just the Sharing Options from Nautilus on any folder located on my ext4 partition or the internal NTFS partition then it will ask if applicable to adjust the permissions and though nothing appears in smb.conf that it works more or less just fine.Having played with "ls -l" I discovered that by default that ownership of the folders on the external NTFS is set to myself and that permissions are 700. On the ext4 partition ownership is set to myself and permissions on folders 711. The folders on the internal NTFS partition has an ownership of "root" and permissions set to 777
From here I tried to use "sudo chmod" via a terminal to manually change permissions for folders on all 3 partitions and I can do so for the ext4 and the internal NTFS owned by root. But no matter what I cannot for the external NTFS.The main thing is I want to know why I can't adjust those permissions on the external. I'm convinced that something to do with the way USB drives work by default must be impacting this but I could not find a single thing anywhere to confirm this much less to offer a solution.The second thing is that I installed and used mountmanager to automatically mount the internal NTFS and according to that softwares options the setup for both it and the external NTFS are the same. But if that is true then why is the external owned by me and the internal by root and the resulting permissions are completely different?
Being new to Linux, i've just about got used to the Debian setup procedure now, but had a quick question on the default ownership of files and folders. On my default Debian installation, almost all the folders and files are owned by root:root. Is this the correct advised configuration or should the folders and files be owned by a user without root permissions - eg user:user?
We have a bunch of directories created for apps on server that were configured to a local group account (for ex: oracle). We have enabled AD using winbind after 6 months after these servers have been in use. So how can we tie the local oracle group account with the one in our AD tree.the test useris configured in the oracle group in AD and the test users primary group is oracle
We have a development server not accessible to the public used for testing which was setup for us. When attempting to have my PHP scripts upload an image to a folder, I have to CHMOD the folder to 777. Ideally, when a folder is created it has permissions set to 755 - I want to be able to upload to them. Is there a way to change permissions to allow the PHP scripts that run to be able to write to a folder? I know it has something to do with owner or group, but I don't know where to start.
we are running a Red Hat Enterprise Linux ES release 3 (Taroon Upd 5) Kernel 2.4.21-32.ELsmp since several years. The server hosts an old ERP system who will be replaced at the end of the year.However it is necessary that some collegues are able to write some files to that server regulary. Since we are running Windows 7 on several machines, those users aren't anymore able to write to the samba share. Getting files from the share works fine.
But the problem seems not to be situated at the samba service because also the transfer using SSH (WINSCP) from any Win7 system to the server doesn't work.During testing we recogniced that transfering files smaller then 1kb works fine ... any file greater then 1kb ends up in an connection abort. This works with samba and also using SSH.All the workarounds editing some registry entries in Win7 for improving the interoperability between vista / win7 and samba don't work for us ... and also seem not to be the source of the problem.Is there a general known incompatibility between our RHEL version / kernel and Windows 7 regarding file transfers?
I had a running server (mandrake10.1) that I wanted to transfer to a better version of linux, so, I decided to install in a new hard drive the new version and adding as slave the old hard drive that it contended data files. When I finish all the installation I start to try to find the old data files but I din't find, (/dev/hdb), the hd is mounted already, but when I look inside all files are hide.
There are few hundred tar.gz files each having several sub dirs in them (ex: ftp_server1_logs, mail_server2_logs). However the main tar.gz files (ex: 20101001.tar.gz) does not contain all sub dirs every time (ex: 20101001.tar.gz may only contain some ftp server log dirs etc..)
what i have to do is find the tar.gz files that contain a specific type of log type (ex: ftp logs) and extract all logs to a single folder (ex: ftp logs)
I'm having an issue that I've seen before on other OS's (Solaris), but I'm coming up blank on solving for an NFS mount shared from RedHat I've googled this, and looked through all the FAQs and mail lists I can find.
The issue is this:
Whenever a new file is created from an NFS client to an NFS mounted file system, the group and world permissions are being stripped such that any new file created ends up with 0600 as the file permissions. On the server, I have tried various sharing options (all_squash, anonuid, anongid, no_acl) with no luck. I've looked at the underlying mount point ownership and permissions, checked the file system acl's (getfacl...they match the visible file system), and set the custom SELinux (not mine) config to permissive. The file system is on an LVM partition, and has an SELinux group assigned in /etc/fstab. I've unmounted it, and performed a vanilla mount (no options). No amount of trial and error is working. Any file created by any user on an nfs client machine creates files with 0600 permissions, and local users on the nfs server create files with permissions based off their umask settings. I originally thought it was due to mismatches in permissions from Windows to Linux (The server also NFS shares to Windows 2K boxes using hclnfsd (PC/NFS)), but I confirmed the same issue between RedHat systems.
One thing I'm wondering from my reading. It's mentioned in many places that ownership should be root in most cases and not some other user. This entire file structure is owned by a user that is ONLY local to the server box (long story, but the box is isolated....no DNS and only local users and settings).
I have an intermittent issue with with Samba. I can access my samba share with windows xp and vista using windows networking and even by mapping the share to a drive. The problem is that the files and folders disappear inadvertently and I can only access them again if I open the share again from the start with windows explorer. Selinux is disabled and the firewall ports for samba are open. The following software is installed:
I'm looking for a Syncronizacion Softwares (running as a daemon) to do a unidirectional syncronization of some files/folders from a lot of servers to one central server.As there are a lot of servers i want a software that only needs to be installed on the central server and pulls the files/folders from the other servers.rsync and unison need to be installed on both machines and syncronize the files/folder by sending them from al the servers to the central server(its no the central server the one who pulls the files/folder from the other servers), so they dont work for what i want.
I experienced a full hard drive yesterday due to a massive error_log. We took care of the errors, but later found out we were missing files, including a MySQL database table. Having a shopping cart and ecommerce stuff on the site, we found that some of those files were missing, too.Does RHEL 5 have some sort of feature for automatically deleting files when the partition is full? If it does, I want to turn it off.
What are the bare minimum configuration files that would be needed to rebuild a RHEL server?We are thinking about creating a generic base image and then just copying over the necessary files (fstab, hosts, networking, etc) to get a failed system back up and running in the least amount of time possible. I am fairly new to Linux and have suggested that we have a share on a redundant server that is /server_configs/Svr_name/*.* (names are subject to change and *.* would be all of the pertinent config files to make a fresh build customized enough to emulate the failed server).Is this even possible and/or plausible?
and then putting it in the /usr/local/bin directory. Ok, the things seem to be fine, but then I realized that the program tries to write some config and log files. I noticed that because some warnings appear in the command line, like that Couldn't write etconfig.cfg always that I run the command as a normal user. On the other hand, if I give writing permission to these files, all the warnings disapear. But I don't think it is a good way, because someone could change these files by hand, what would not be good.
My last try was to set the suid of the script up, with the command chmod u+s /usr/local/bin/etded-server But as I already knew that suid does not work well with shell script I wrote a C source like that:
just thought i would throw this out there as a google search doesnt even come back with what i need. I have setup proftp with a mysql auth on a debian box. When i save files or try to modify them i get an error. Ie i dont have permission. When i look at the permissions for the files, it has a 2001 user permission and a ftpgroup as the group permission.
I want it to be ftpuser and ftpgroup with readable and writable permissions for the user and group. This is my second proftp box and i basiclly copied the config files over from the old box.
Currently have access to a VPS where we are running a small game server on ubuntu - the problem is that it is a multi-user environment, so when one person restarts the server process, all files it creates are owned by that users name and group. I have created a group called 'game' and added both users to it, but I need to know how to make all files in the game server's directory to be r/w/x for the group 'game'. Currently, I have a script that chowns and chmods all files recursively on startup, but I'd prefer not having to do this.
After what feels like weeks have tinkering around trying to get a Samba file server set up, I've finally given up! I have 4 drives and 2 groups:
1) Dev - Available to all users in both groups (normal and admin) 2) Misc - Available to users in admin group only 3) Admin - Available to users in admin group only 4) Accounts - Available to users in admin group only
Drives 1 and 2 are working fine, with the correct access rights. Drives 3 and 4 can be browsed by admins only, but no changes can be made at all - files & directories can't be renamed/moved/deleted. What is most confusing is that Drive 2 is set up exactly the same as Drives 3 and 4. The process I went through to get them working:
I need to know is there any way to record or tracking or make logging if when user samba delete files or folders i can know that, cause sometimeon samba server some users complain they lost files, though i have daily backup and i can restore their files, i just want to know if or maybe some other users in one group accidentally move or delete the files.
I've a problem on one of my servers with file permissions. Quite simply , when I run chmod 777 -R against a folder , it seems to be inconsistent on making that particular folders permissions trickle down to the folders beneath. Some folders inherit its permissions , some don't. For example...
/projects Contains /Jan /Feb /Mar /April
They all in turn contain folders marked /1 , /2 , /3 , up to /10, these folders all contain more folders , running to a depth of 6.
However , depending on what folder our users save their files into , some are saved with rwxrwxr-- , some get saved with rwxrwxrx. Forgive my lack of understanding but if I run the above command against the top level folder will this not make every folder and file below it inherit its permissions of 777 ?? Or is there something else that I need to do?