Date: Tue, 17 Jul 2001 00:06:04 -0600 (CST) From: Ryan Thompson <ryan@sasknow.com> To: Eric Boucher <eric_boucher60@yahoo.com> Cc: FreeBSD <freebsd-questions@FreeBSD.ORG> Subject: Re: Giving some restriction to some user Message-ID: <Pine.BSF.4.21.0107162348100.37488-100000@ren.sasknow.com> In-Reply-To: <20010716222817.82828.qmail@web9406.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Eric Boucher wrote to FreeBSD: > Hi everyone, > > I wanted to know if there is a way to give some user access to read, > write or execute some files even if these users are not in the same > group as mine. The UNIX permission system was designed to be straightforward, efficient, and general purpose. It is therefore limited in granularity. It allows assigning read, write, and execute permission to the owner of the file, group, and everyone else, in that order. Therefore, unless you have the privileges on the system to create groups, it is not possible with standard UNIX perms to grant/deny access to individual users. If you can create a new group, though, there isn't much you can't do--for instance, how about the following in /etc/group: workgroup:*:1000:you,they What this does is create a new group called "workgroup", with two members: Users "you" and "they". You will still belong to the group assigned in the password database, but you also belong to this new group. If you then want to have a file accessible by only "you" and "they", try this: chgrp workgroup filename.txt chmod 660 filename.txt This gives "you" and "they" read and write access to filename.txt, and denies access to everyone else. And, if this seems cumbersome, this can also apply to entire directories of files. chgrp workgroup workdir chmod 770 workdir (Remember that all files created in workdir will now be owned by group "workgroup") If you need something more in-depth than this, you may be out of luck with the UNIX filesystem itself. You might want to consider layering another protocol or storage system, like CVS or an SQL server with some simple client automation scripts. FTP will also work in a pinch. There may also be some other system enhancements out there more specifically tailored to your application that I'm not aware of. > I heard that there is something like this on AIX told me that there is > a file which map the users and the permissions. I little bit like in > windows, you can personalize which one has the permission to do what. > > Thanks > > Eric Boucher > > __________________________________________________ > Do You Yahoo!? > Get personalized email addresses from Yahoo! Mail > http://personal.mail.yahoo.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- Ryan Thompson <ryan@sasknow.com> Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107162348100.37488-100000>