Special Permissions in Linux . {setUID,setGID,Sticky Bit]

- 
Special Permissions:
````````````````````
setUID
setGID
Sticky Bit

setUID: Is allocated for files, so that who ever may run this file, process owner will be the owner of file(script).
 chmod u+s hello.sh
 
 hello.sh--> rw-r--r-- ==> rwSr--r--

setGID:
 file: how ever my run the script, process group will be the scripts  actul group.

 dir: Who ever may create a file in this directory, the file group  will be same as of the directory group.

 ex: 
 # mkdir /king (owner:root, group: root)
 # chmod g+s /king [rwxrwsr-x]

 User kumar creates a file in this directory
 hello.txt --> owner: kumar, group: root


sticky bit:
Is set only on directory so that any user can create files in this directory, but only the owner of file can remove such file, but not others

# chmod o+t /stage [rwxrwxrwt]

user: kumar
$cat > /stage/madhu.txt
ds;lfjl;sjdgl;
ctrl+z

user: madhu
$rm /stage/madhu.txt --> error

---------------------------------------------------------------------------

ACL: Access Control List
Using ACL we can give permissions to specific users/groups on a file/dir

setfacl -m : to add ACL permissions
 syn: setfacl -m <whome>:<name>:<permissions> filename

 ex: setfacl -m u:user1:rw hello.txt
     setfacl -m u:user2:r hello.txt
     setfacl -m g:dba:rwx hello.txt

setfacl -x: to remove permissions
 syn: setfacl -x <whome>:<name> filename

 ex: setfacl -x u:user1 hello.txt
     setfacl -x u:user2 hello.txt
     setfacl -x g:dba  hello.txt

getfacl: to view permissions on a file
 syn: getfacl filename
 ex: getfack hello.txt

note: for a newly created partition we have set acl,user_xattr mount options so that files in this partition can be set with ACL permissions
 tune2fs -o acl,user_xattr /dev/sda7

Comments

Post a Comment

Popular posts from this blog

All about DataInstaller & Hrglobal.drv in Oracle Applications R12

-
All about DataInstaller & Hrglobal.drv in Oracle Applications All about DataInstaller & Hrglobal.drv in Oracle Applications This posts covers what is datainstaller & hrglobal.drv and when do we need to run them. DataInstaller and hrglobal.drv are used for installing legislative data into Oracle Applications,For example a company operates in multiple counntries and payroll and HR practices are different in each countires, So they need to have all the legislative regulations (Taxation and HR rules and regulations) of the all the countries they run their business. To achive this Oracle provides a set of patches, which need to applied to the Oracle applications. These patches are country specific, The patch matrix can be found from Latest Oracle HRMS Legislative Data Patch Available (HR Global / hrglobal) [ID 145837.1] To Install the legislative data please follow the below 4 steps: 1) PER & PAY modules need to be licenced ( This is madantory requirement) ...
Read more

EBS Oracle Database 11.1.0.7 upgrade to 11.2.0.4 steps .

-
Image
Oracle Database 11.1.0.7 upgrade to 11.2.0.4       Section 1: Upgrading an R12 Database to Oracle Database 11g Release 2 (11.2.0) Verify software versions:-   The following software component versions must exist in your environment. Software Minimum Version Tier Details Oracle Database Enterprise Edition N/A Database Read the "Determine the Upgrade Path" subsection in Chapter 2 of the Oracle Database Upgrade Guide 11g Release 2 (11.2) . Make sure that direct upgrade is supported from your current release. Oracle E-Business Suite 12.0.4 or 12.1.1 Application If you are on E-Business Suite Release 12.0, apply Patch 6435000  - Oracle E-Business Suite 12.0.4 Patch 8623536  - 11g Release 2 interoperability patch for Release 12.0.4 Patch 9868229 If you are on E-Business Suite Release 12.1, apply ...
Read more

PSU Patching step by step on RAC

-
OPatch utility version 12.1.0.1.7 or later to apply this patch. Grid Patch:---------------------------------------------------------------------------------------------------------------- From Oracle Home as oracle user:- /o001/home/oracle/product/12.1.0/db_1/OPatch/opatch lsinventory -detail -oh /o001/home/oracle/product/12.1.0/db_1 From Grid Home as grid user:- /o001/home/12.1.0/grid/OPatch/opatch lsinventory -detail -oh /o001/home/12.1.0/grid As root user:- /o001/home/12.1.0/grid/OPatch/opatchauto apply /o002/Oct_PSU_Patch/26635815 -analyze export PATH=/o001/home/12.1.0/grid/OPatch:$PATH opatchauto apply <UNZIPPED_PATCH_LOCATION>/27010872 Check Oracle permission $ORACLE_HOME/lib/libsqlplus.so --- Should be 644 From both oracle and grid users:- opatch lsinventory col ACTION_TIME for a30 col BUNDLE_SERIES for a15 select ACTION_TIME,PATCH_ID,PATCH_UID,VERSION,ACTION,STATUS,BUNDLE_SERIES,BUNDLE_ID from dba_registry_sqlpatch; ###################################Amar Jadhav ######...
Read more