[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Giving a user read access to the entire server

Posted on 2006-07-18
5
Medium Priority
?
305 Views
Last Modified: 2010-04-21
I've been required to give read access to our security manager on one server.
How do I do this?  My environment:
SunOS sunsvr01 5.9 Generic_118558-16 sun4u sparc SUNW,Sun-Fire-280R

Thanks,
0
Comment
Question by:Jack Seaman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 336 total points
ID: 17134011
Depends exactly what you mean by "read access".  If you want the security manager to have read access to *everything* on the system, then this is impossible with standard Solaris 9 install.

You need to be more specific with your requirements.
0
 
LVL 6

Assisted Solution

by:JJSmith
JJSmith earned 332 total points
ID: 17134585

If you are required to let a 'user' access your system - but they are only allowed to read stuff - then you have only one choice.

The user must be made 'captive' or 'jailed' and you must place whatever it is you want them to access within the view. That is not a simple subject and involves CHROOT'ing the user.

If you want to give a user read access to an existing file or directory, then lookup the 'chmod' command.

If you cannot 'jail' your user and you want them to only read stuff - then check that there are no public write permissions on any files - look up the 'find' command. (using both the group and other privileges)

If you find some then you have an issue - because removing the public privilege may impact other users.

Cheers
JJ


0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 332 total points
ID: 17137164
either use ACLs (the long and hard but secure way), or allow the user to use root (KISS - keep it simple stupid)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question