On 11Feb2010 19:37, ESGLinux <esggrupos@xxxxxxxxx> wrote:
| I´m having a problem setting file permission because I need to do a strange
| thing.
|
| I have to set the permission of the files using the name of the file. I´ll
| try to explain myself:
|
| I need a rule that says that if the filename begins with public* everybody
| can make all with this file,
| If the file begins with private_g1* only the users in the g1 group can
| access de the file.
| If the file begins with private_g2* only the users in the g2 group can
| access de the file.
| ....
|
|
| When I create a new file the system must check the file name and assign the
| correct permissions.
|
| With normal security schema I think this is impossible, with acl I don´t
| know how to set new files automatically. so, what about selinux? can I make
| something like that with it?
Probably not.
| do you know other alternative?
You could have a small shell script. Run it regularly via cron or use
the inotify facilities to fun it on files as they get made.
A simple find(1) incantation like:
find your-dir \
-name public\* -exec chmod a+rw {} ';' \
-o -name private_g1\* -exec chmod o-rwx {} ';' -exec chgrp g1 {} ';' -exec chmod ug+rw {} ';' \
-o -name private_g2\* -exec chmod o-rwx {} ';' -exec chgrp g2 {} ';' -exec chmod ug+rw {} ';' \
......
Untested.
--
Cameron Simpson <cs@xxxxxxxxxx> DoD#743
http://www.cskk.ezoshosting.com/cs/
I must not fear. Fear is the mind-killer. Fear is the little death that
brings total obliteration. I will face my fear. I will permit it to pass
over me and through me. And when it has gone past I will turn the inner eye
to see its path. Where the fear has gone there will be nothing. Only I will
remain.
- Frank Herbert _Dune_
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
