Special Permissions in Linux . {setUID,setGID,Sticky Bit]

- 
Special Permissions:
````````````````````
setUID
setGID
Sticky Bit

setUID: Is allocated for files, so that who ever may run this file, process owner will be the owner of file(script).
 chmod u+s hello.sh
 
 hello.sh--> rw-r--r-- ==> rwSr--r--

setGID:
 file: how ever my run the script, process group will be the scripts  actul group.

 dir: Who ever may create a file in this directory, the file group  will be same as of the directory group.

 ex: 
 # mkdir /king (owner:root, group: root)
 # chmod g+s /king [rwxrwsr-x]

 User kumar creates a file in this directory
 hello.txt --> owner: kumar, group: root


sticky bit:
Is set only on directory so that any user can create files in this directory, but only the owner of file can remove such file, but not others

# chmod o+t /stage [rwxrwxrwt]

user: kumar
$cat > /stage/madhu.txt
ds;lfjl;sjdgl;
ctrl+z

user: madhu
$rm /stage/madhu.txt --> error

---------------------------------------------------------------------------

ACL: Access Control List
Using ACL we can give permissions to specific users/groups on a file/dir

setfacl -m : to add ACL permissions
 syn: setfacl -m <whome>:<name>:<permissions> filename

 ex: setfacl -m u:user1:rw hello.txt
     setfacl -m u:user2:r hello.txt
     setfacl -m g:dba:rwx hello.txt

setfacl -x: to remove permissions
 syn: setfacl -x <whome>:<name> filename

 ex: setfacl -x u:user1 hello.txt
     setfacl -x u:user2 hello.txt
     setfacl -x g:dba  hello.txt

getfacl: to view permissions on a file
 syn: getfacl filename
 ex: getfack hello.txt

note: for a newly created partition we have set acl,user_xattr mount options so that files in this partition can be set with ACL permissions
 tune2fs -o acl,user_xattr /dev/sda7

Comments

Post a Comment

Popular posts from this blog

Compression Tools in Linux[TAR,gzip]

-
Compression Tools: tar: to compress files compress files: ``````````````` syn: tar -cvf <tarfilename> <file(s)> ex: tar -cvf files.tar hello.txt hi.txt raj.txt -c: create -v: verbose -f: tar file name Uncompress files: ````````````````` syn: tar -xvf files.tar tar with GZIP feature: `````````````````````` compress: tar -czvf files.tar.gz file1 file2 file3 file4 uncompress: tar -xzvf files.tar.gz -------------------------------------------------------------------------- gzip & gunzip: gzip: to compress file(s) ex: gzip hello.txt gunzip: to uncompress the file(s) ex: gunzip hello.txt.gz ----------------------------------------------------------------------- Storing and Analysing Logs: What is a log file: A log file is that which have information about all activities done on a linux serer. By default log files will be available under /var/log/ folder. Files: messages: Contains most of the information about different activites secure : contains securi...
Read more

All about DataInstaller & Hrglobal.drv in Oracle Applications R12

-
All about DataInstaller & Hrglobal.drv in Oracle Applications All about DataInstaller & Hrglobal.drv in Oracle Applications This posts covers what is datainstaller & hrglobal.drv and when do we need to run them. DataInstaller and hrglobal.drv are used for installing legislative data into Oracle Applications,For example a company operates in multiple counntries and payroll and HR practices are different in each countires, So they need to have all the legislative regulations (Taxation and HR rules and regulations) of the all the countries they run their business. To achive this Oracle provides a set of patches, which need to applied to the Oracle applications. These patches are country specific, The patch matrix can be found from Latest Oracle HRMS Legislative Data Patch Available (HR Global / hrglobal) [ID 145837.1] To Install the legislative data please follow the below 4 steps: 1) PER & PAY modules need to be licenced ( This is madantory requirement) ...
Read more

PSU Patching step by step on RAC

-
OPatch utility version 12.1.0.1.7 or later to apply this patch. Grid Patch:---------------------------------------------------------------------------------------------------------------- From Oracle Home as oracle user:- /o001/home/oracle/product/12.1.0/db_1/OPatch/opatch lsinventory -detail -oh /o001/home/oracle/product/12.1.0/db_1 From Grid Home as grid user:- /o001/home/12.1.0/grid/OPatch/opatch lsinventory -detail -oh /o001/home/12.1.0/grid As root user:- /o001/home/12.1.0/grid/OPatch/opatchauto apply /o002/Oct_PSU_Patch/26635815 -analyze export PATH=/o001/home/12.1.0/grid/OPatch:$PATH opatchauto apply <UNZIPPED_PATCH_LOCATION>/27010872 Check Oracle permission $ORACLE_HOME/lib/libsqlplus.so --- Should be 644 From both oracle and grid users:- opatch lsinventory col ACTION_TIME for a30 col BUNDLE_SERIES for a15 select ACTION_TIME,PATCH_ID,PATCH_UID,VERSION,ACTION,STATUS,BUNDLE_SERIES,BUNDLE_ID from dba_registry_sqlpatch; ###################################Amar Jadhav ######...
Read more