Read Access in Linux File System. rwx---r-- [closed] - linux

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Consider a file with the following permissions:
rwx---r--
I am not the owner of this file, but I am a member of the group of this file.
My question is: do I have read access to this file?
I thought the answer was YES, since the world has read access to this file. But, a sysadmin is telling me that the answer is NO, since the group access bits are all off.
Can someone provide an authoritative answer?

drwxrwxr-x
Position 1 says whether it is a directory or a normal file. d for directory and - for normal file
Positions 2,3 and 4 stands for read, write, execute permissions for user of the file.
Positions 5,6 and 7 stands for read, write, execute permissions for group.
Positions 8,9 and 10 stand for read, write, exeucte permissions for the owner of the file.
So for rwx---r--, group has no permissions as group bits are turned off.

Related

How to permit securely Bob to read some file in /var/log/? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
this is my first question here.
I'm using a Centos server.
I want to know how to permit proprely a non-sudoer user (let's call it Bob) to read a specific file in /var/log. I want to be able to read some logs without being root and without jeoparadizing my logfile.
For the moment,
I created a group named "loggers"
I added Bob to the group
I made a chgrp for the file I want to read with Bob
I changed file permissions from 600 to 640.
Is there any better (secure) way to make the same thing ?
If you're happy with a special group, then that is the way to do it. The alternative is to use ACLs, which are additive to standard unix permissions. You'd return your logfile to its original unix permissions then permit Bob with something like
setfacl -m user:Bob:r-- /var/log/mylogfile.log
There are circumstances where ACLs are unfavorable, in particular where you have file backup/migration across servers or filesystems. However, this isn't the case for your scenario.

Linux put permissions good [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
What I would like to is create a directory that belongs to a group and each of those member can create, edit & remove files.
chgrp OldGroup NewGroup
chmod g=rwx
That's what I learned, but now my big problem is that I need to make sure people from that group can only delete their own files.
I am not sure how to put these rights,
if you have any ideas, please share them!
Thnx for reading.
did you try setting sticky bit?
chmod 1775 /directory/with/group/files
when the sticky bit is enabled on a directory, users (other than the owner) can only remove their own files inside a directory. This is used on directories like /tmp whose permissions are 1777=rwxrwxrwt

How to create unreadable files in linux [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a configuration file with me and want to make the file unreadable to others.
What can be done with it?
Encryption is a way to do it but Encryption makes the file uninstallable in Linux platform.
Just remove the readable mode bit for others
chmod o-r file.txt
or set the umask at creation time appropriately
umask 027
this turns off the w bit for the group and rwx bits for others, when you create a new file.
If it should be readable for the software only, you can set the permissions to
chmod 0400 file.conf
or with umask
umask 0377
Which is the same as -r--------.
For this to work, the file must have the same userid as the software process reading it.

NFS different permissions to subdirectories [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have the following /etc/exports config for my NFS server.
/root/share *(rw,fsid=0,no_root_squash)
/root/share/music anne(rw,no_root_squash) alex(rw,no_root_squash)
/root/share/video anne(rw,no_root_squash) alex(ro,no_root_squash)
I want anne to have rw access to both directories. I want alex to have only ro access to /root/share/video. The problem with my current config is that they both have rw access.
If I change the first line to
/root/share *(ro,fsid=0,no_root_squash)
It overwrites every other line and makes all directories read-only.
How can I make the first line take effect only on /root/share ?
Thank you.
You are very confused about what constitutes an exported filesystem. /etc/exports does not contain an Access Control List - not really. It contains a list of independent filesystems and how they should be exported.
Each entry is completely separate from each other and the export name matching is exact, not recursive - if alex mounts /root/share only the first entry will be used. In the same vein, alex cannot mount /root/share/misc directly because it is not an exported directory.

Use of /etc/passwd-, /etc/shadow-, /etc/group- [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
In addition to the files : /etc/group, /etc/passwd and /etc/shadow, I could see three files in my linux machine.
/etc/group-
/etc/passwd-
/etc/shadow-
I cannot see these files in my root filesystem. But when I try to add one user using useradd command, these files seem to get generated.
So i would like to know when exactly is these files created and what is the use of these files?
These are backups of previous versions.
Manual pages show these files and states:
/etc/passwd-
Backup file for /etc/passwd.
/etc/shadow-
Backup file for /etc/shadow.
Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools.
See http://manpages.ubuntu.com/manpages/oneiric/man5/shadow.5.html and http://manpages.ubuntu.com/manpages/oneiric/man5/passwd.5.html

Resources