?
Solved

Giving a user read access to the entire server

Posted on 2006-07-18
5
Medium Priority
?
304 Views
Last Modified: 2010-04-21
I've been required to give read access to our security manager on one server.
How do I do this?  My environment:
SunOS sunsvr01 5.9 Generic_118558-16 sun4u sparc SUNW,Sun-Fire-280R

Thanks,
0
Comment
Question by:Jack Seaman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 336 total points
ID: 17134011
Depends exactly what you mean by "read access".  If you want the security manager to have read access to *everything* on the system, then this is impossible with standard Solaris 9 install.

You need to be more specific with your requirements.
0
 
LVL 6

Assisted Solution

by:JJSmith
JJSmith earned 332 total points
ID: 17134585

If you are required to let a 'user' access your system - but they are only allowed to read stuff - then you have only one choice.

The user must be made 'captive' or 'jailed' and you must place whatever it is you want them to access within the view. That is not a simple subject and involves CHROOT'ing the user.

If you want to give a user read access to an existing file or directory, then lookup the 'chmod' command.

If you cannot 'jail' your user and you want them to only read stuff - then check that there are no public write permissions on any files - look up the 'find' command. (using both the group and other privileges)

If you find some then you have an issue - because removing the public privilege may impact other users.

Cheers
JJ


0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 332 total points
ID: 17137164
either use ACLs (the long and hard but secure way), or allow the user to use root (KISS - keep it simple stupid)
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question