Re: Permission inheritance problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear All,

Fya.

chmod Examples
Let’s change some of the permissions as we discussed a couple of pages ago. Here’s the way our files are now:
-rwxr-xr-x  joe  acctg  archive.sh 
-rw-rw-r--  joe  acctg  orgchart.gif
-rw-rw-r--  joe  acctg  personnel.txt
-rw-r--r--  joe  acctg  publicity.html
drwxrwxr-x  joe  acctg  sales
-rw-r-----  joe  acctg  topsecret.inf
-rwxr-xr-x  joe  acctg  wordmatic 
First, let’s prevent outsiders from executing archive.sh
Before: -rwxr-xr-x  archive.sh 
Command: chmod o=r archive.sh 
After: -rwxr-xr--  archive.sh 
Take away all permissions for the group for topsecret.inf We do this by leaving the permissions part of the command empty.
Before: -rw-r-----  topsecret.inf 
Command: chmod g= topsecret.inf 
After: -rw-------  topsecret.inf 
Open up publicity.html for reading and writing by anyone.
Before: -rw-r--r--  publicity.html 
Command: chmod og=rw publicity.html 
After: -rw-rw-rw-  publicity.html

 



 
Regards,


MOHAMMAD ADLI BIN MT TAJUDIN
A8-2-7, DESA PANDAN APARTMENTS,
OFF JALAN KG. PANDAN,
55100 KUALA LUMPUR,
WEST MALAYSIA.


H/p number:  (017) 362 3661
Email: white.heron@xxxxxxxxx


________________________________
 From: Sanjay Chakraborty <sanjaychakrab@xxxxxxxxx>
To: General Red Hat Linux discussion list <redhat-list@xxxxxxxxxx> 
Sent: Monday, November 21, 2011 9:24 AM
Subject: Re: Permission inheritance problem
 
Sticky bit user for collaboration directory. and how it works in short:

suppose you create a group dev and create a directory /limit and that
is owned by dev group.

Now a user joe he is in dev group as secondary group. He wants to
modify a file in that directory but he will get 'permission deny' even
the directory is owned by dev group and it is 770.

Solution: apply stcky bit in that directory .. chmod 2770 /limit

Now joe can read write and execute files in /limit  directory.

Does it helped ?


On Fri, Nov 18, 2011 at 5:04 AM, kavya <kavya.g4@xxxxxxxxx> wrote:
> so if i set a sticky bit it applies for owner also????
>
> On Fri, Nov 18, 2011 at 2:05 PM, Cameron Simpson <cs@xxxxxxxxxx> wrote:
>
>> On 18Nov2011 11:07, kavya <kavya.g4@xxxxxxxxx> wrote:
>> |           Am working with file permission I have a query,
>> |
>> | usually on /mnt normal users will not be having permission to write so I
>> | gave permission such as
>> | #chmod 766 /mnt
>>
>> Surely you want 777 here? A directory with no 'x' permission is not
>> searchable; 'r' only lets someone see the names of the things in the
>> directory, 'x' (search) lets them access it. So with a directory you
>> almost always want to grant 'x' if you grant any access. You don't need
>> to give 'r', but it is usual. So 'r-x' and '--x' are sensible, 'r--' is
>> usually not sensible.
>>
>> | #chmod go+t /mnt
>>
>> You just want "+t" here. There is no such thing as "sticky bit for
>> group" or "sticky bit for other". There is only one bit.
>>
>> | I have enabled a sticky bit on /mnt  for group and
>> | others, as sticky bit is set, even the files and folders under /mnt can
>> not
>> | be deleted by others even if they have complete permissions and no sticky
>> | bit is set for files under /mnt,
>>
>> Yes.
>>
>> | is there any option to allow users to
>> | delete only particular files ?????
>>
>> No. The permissions on /mnt apply to the directory as a whole,
>> not on a per-name basis.
>>
>> If you want per-name control the best you can do is make subdirectories
>> and grant different accesses to those. Which is what home directories
>> effectively are, if you would like a similar arrangement.
>>
>> Cheers,
>> --
>> Cameron Simpson <cs@xxxxxxxxxx> DoD#743
>> http://www.cskk.ezoshosting.com/cs/
>>
>> My opinions are borrowed from someone who no longer needs them.
>>        -- KatmanDu@xxxxxxxxxxxxxx
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>
>
>
> --
>
> Thanks and Regards
>
>         Kavya.N(Koramangala)
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>



-- 
Regards.
Sanjay Chakraborty

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux