Subject: Re: Permissions and effective rights
From: Mike Tibor (tibor@lib.uaa.alaska.edu)
Date: Tue Mar 26 2002 - 09:18:54 AKST
On Tue, 26 Mar 2002, Mike Barsalou wrote:
>
> Have a few questions about permissions:
>
> 1. How can you deny only one userid? Can you do that only by including
> everyone else?
What I do for this is just create a custom group to include the users who
need access for the particular directory structure.
> 2. What is the best way to restore the "factory" security settings on
> directories?
rpm would probably be good for this. I haven't actually checked this, but
something like "rpm -Va" might tell you what you want.
> 3. What are some good ways to determine what files and directories a
> particular user has on a system.
>
> For example, if I change a bunch of rights on a ftp directory how can I
> determine if user joe has the access he is supposed to but user mary still
> has the same access as she had before?
The only real test I can think of would be to su to that user and see if
you have the appropriate access. Ftp'ing in as that user would be even
better. Netware had (at least in 4.x; maybe it still does) a pretty cool
"effective rights" thing that would display what a user or group could do
for any given file or directory, but I don't know of anything like that
that you could use in Linux.
As I reread your question, I realize I may be misunderstanding it. If
you're looking to find out what stuff a user owns in a given directory
structure, find does wonderful:
find / -user joe
or
find / -uid 1001
Mike
-- Mike Tibor Univ. of Alaska Anchorage (907) 786-1001 voice Network Technician Consortium Library (907) 786-6050 fax tibor@lib.uaa.alaska.edu http://www.lib.uaa.alaska.edu/~tibor/ http://www.lib.uaa.alaska.edu/~tibor/pgpkey for PGP public key
This archive was generated by hypermail 2a23 : Tue Mar 26 2002 - 09:18:57 AKST