RE: setting perm to files with a pattern in the file name

Building on the previous suggestions, also use something like:

chmod g+s just_group1

to ensure that any files or directories created under just_group1 will have group1 as the group, in case group1 isn't the user's primary group.

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Carl T. Miller
Sent: Friday, February 12, 2010 7:46 PM
To: General Red Hat Linux discussion list
Subject: Re: setting perm to files with a pattern in the file name

Why don't you create three different directories and then
set up the appropriate permissions for each?  That would
do everything that you've said you wanted, and it would
also protect you from someone accidentally creating a file
and misspelling the prefix.

c


ESGLinux wrote:
> Thanks for your answer
>
> your solution is not valid for me because there is a time (before the cron
> runs) that the file has the wrong permission and it could be potentially
> accessible by unauthorized users.
>
> It could be a solution if I don't find anything better :-(
>
>
> Greetings,
>
> ESG
>
> 2010/2/12 Cameron Simpson <cs@xxxxxxxxxx>
>
>> On 11Feb2010 19:37, ESGLinux <esggrupos@xxxxxxxxx> wrote:
>> | I'm having a problem setting file permission because I need to do a
>> | strange thing.
>> |
>> | I have to set the permission of the files using the name of the file.
>> | I'll try to explain myself:
>> |
>> | I need a rule that says that if the filename begins with public*
>> | everybody can do everything with this file,
>> | If the file begins with private_g1* only the users in the g1 group can
>> | access the file.
>> | If the file begins with private_g2* only the users in the g2 group can
>> | access the file.
>> | ....
>> |
>> |
>> | When I create a new file the system must check the file name and
>> | assign the correct permissions.
>> |
>> | With normal security schema I think this is impossible, with ACL I
>> | don't know how to set new files automatically. So, what about SELinux?
>> | Can I make something like that with it?
>>
>> Probably not.
>>
>> | do you know other alternative?
>>
>> You could have a small shell script. Run it regularly via cron or use
>> the inotify facilities to run it on files as they get made.
>>
>> A simple find(1) incantation like:
>>
>>  find your-dir \
>>    -name public\* -exec chmod a+rw {} ';' \
>>    -o -name private_g1\* -exec chmod o-rwx {} ';' -exec chgrp g1 {} ';' -exec chmod ug+rw {} ';' \
>>    -o -name private_g2\* -exec chmod o-rwx {} ';' -exec chgrp g2 {} ';' -exec chmod ug+rw {} ';' \
>>    ......
>>
>> Untested.
>> --
>> Cameron Simpson <cs@xxxxxxxxxx> DoD#743
>> http://www.cskk.ezoshosting.com/cs/
>>
>> I must not fear.  Fear is the mind-killer.  Fear is the little death that
>> brings total obliteration.  I will face my fear.  I will permit it to pass
>> over me and through me.  And when it has gone past I will turn the inner eye
>> to see its path.  Where the fear has gone there will be nothing.  Only I will
>> remain.
>>        - Frank Herbert _Dune_
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
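The directory-per-group layout suggested in this thread, combined with the setgid tip at the top of the message, as an added example that is not part of the original posts. The helper names, the 2770 mode and the /srv/share paths in the comments are assumptions of this sketch; it assumes Linux with GNU find.

```shell
#!/bin/sh
# Added example, not from the thread. Helper names are hypothetical.
# Assumes Linux with GNU coreutils/findutils.

# make_group_dir DIR GROUP
# Create DIR so that only GROUP members can enter it and every file
# created inside inherits GROUP (setgid bit), whatever the creator's
# primary group is.
make_group_dir() {
    mkdir -p "$1" &&
    chgrp "$2" "$1" &&
    chmod 2770 "$1"        # rwxrws---: setgid set, nothing for "other"
}

# audit_group_dir DIR GROUP
# Print every entry under DIR that has drifted: wrong group, or any
# permission bit granted to "other". Empty output means the tree is clean.
audit_group_dir() {
    find "$1" \( ! -group "$2" -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Typical use (hypothetical paths; run as root, groups g1 and g2 must exist):
#   make_group_dir /srv/share/just_group1 g1
#   make_group_dir /srv/share/just_group2 g2
#   audit_group_dir /srv/share/just_group1 g1   # report only, changes nothing
```

Because users outside the group cannot traverse a 2770 directory, a file in it is protected from the moment it is created, with no window before a cron sweep runs. Group members still need a umask such as 007 or 002 if they are to write each other's files.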