Solved

Giving a user read access to the entire server

Posted on 2006-07-18
5
291 Views
Last Modified: 2010-04-21
I've been required to give read access to our security manager on one server.
How do I do this?  My environment:
SunOS sunsvr01 5.9 Generic_118558-16 sun4u sparc SUNW,Sun-Fire-280R

Thanks,
0
Comment
Question by:Jack Seaman
5 Comments
 
LVL 48

Accepted Solution

by:
Tintin earned 84 total points
ID: 17134011
Depends exactly what you mean by "read access".  If you want the security manager to have read access to *everything* on the system, then this is impossible with standard Solaris 9 install.

You need to be more specific with your requirements.
0
 
LVL 6

Assisted Solution

by:JJSmith
JJSmith earned 83 total points
ID: 17134585

If you are required to let a 'user' access your system - but they are only allowed to read stuff - then you have only one choice.

The user must be made 'captive' or 'jailed' and you must place whatever it is you want them to access within the view. That is not a simple subject and involves CHROOT'ing the user.

If you want to give a user read access to an existing file or directory, then lookup the 'chmod' command.

If you cannot 'jail' your user and you want them to only read stuff - then check that there are no public write permissions on any files - look up the 'find' command. (using both the group and other privileges)

If you find some then you have an issue - because removing the public privilege may impact other users.

Cheers
JJ


0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 83 total points
ID: 17137164
either use ACLs (the long and hard but secure way), or allow the user to use root (KISS - keep it simple stupid)
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question