sharscho
asked on
how to find out user rights on a linux server
Hi experts, I need to find which right an account has on linux.
I did cat /etc/passwd to get the user details and I did a cat /etc/group to see to which group it belongs but I still don't know for sure which rights this user has.
can someone explain to me wich right the user alm05213 has on this linux server?
what other commands can I use to find out more info?
This is the result for the cat /etc/passwd:
alm05213:x:500:90:ALM developer1:/home/alm05213:
alm01011:x:501:90:ALM developer2:/home/alm01011:
alm05192:x:502:90:ALM developer3:/home/alm05192:
the result for cat /etc/group:
oinstall:x:90:
alm05213:x:500:
alm01011:x:501:
alm05192:x:502:
I did cat /etc/passwd to get the user details and I did a cat /etc/group to see to which group it belongs but I still don't know for sure which rights this user has.
can someone explain to me wich right the user alm05213 has on this linux server?
what other commands can I use to find out more info?
This is the result for the cat /etc/passwd:
alm05213:x:500:90:ALM developer1:/home/alm05213:
alm01011:x:501:90:ALM developer2:/home/alm01011:
alm05192:x:502:90:ALM developer3:/home/alm05192:
the result for cat /etc/group:
oinstall:x:90:
alm05213:x:500:
alm01011:x:501:
alm05192:x:502:
jimmyray7
Access rights to what? If you're talking file access rights, post an 'ls -alF' from the directory where you have questions.
If you ask access rights to a file? you can use 'ls -ald <FILE_NAME>
Output may have several fields. But there are 4 main fields that look like
-rwxr-xr-- <owner> <group owner> ... <FILE_NAME>
(e.g: -rwxr-xr-- root root ...)
- rwx r-x r--
Looking at the first field, the first character is file type (- means regular file, it may be 'd' (directory), 'c' (character), 'b' (block).
3 next characters are 'permissions' of <owner> user (e.g: if it's rwx, mean <ower> will have read/write/execute <File_name>), 3 next characters are 'permissions' of <group. e.g: r-x means all users belong <group owner> will have read/execute on <File_name>).
Last 3 characters means access right of others (all other users). e.g: r-- means other users (that is not <owner> and not belong to <group ower> will have only read).
=> So if you want access right of a user to a file, please run ls -ald <file> and see what group your user belongs to
A lot of reference. e.g: http://www.comptechdoc.org/os/linux/usersguide/linux_ugfilesp.html
Output may have several fields. But there are 4 main fields that look like
-rwxr-xr-- <owner> <group owner> ... <FILE_NAME>
(e.g: -rwxr-xr-- root root ...)
- rwx r-x r--
Looking at the first field, the first character is file type (- means regular file, it may be 'd' (directory), 'c' (character), 'b' (block).
3 next characters are 'permissions' of <owner> user (e.g: if it's rwx, mean <ower> will have read/write/execute <File_name>), 3 next characters are 'permissions' of <group. e.g: r-x means all users belong <group owner> will have read/execute on <File_name>).
Last 3 characters means access right of others (all other users). e.g: r-- means other users (that is not <owner> and not belong to <group ower> will have only read).
=> So if you want access right of a user to a file, please run ls -ald <file> and see what group your user belongs to
A lot of reference. e.g: http://www.comptechdoc.org/os/linux/usersguide/linux_ugfilesp.html
You can also run sesudo without parameters to see if you have any sesudo rules in place. Now, if you are trying to figure out the equivalent of Windows', i.e. do I belong to an admin group; the answer then is: it doesn't quite work that way in Linux -or so I've been led to understand it.
ASKER
These users have to do some testing of the application on this server and also look at the configuration of their application. They are from the softwarehouse from where the application has been build, but they did not install. These accounts were created a while ago after that the application has been installed and they want to know what kind of access they have. They are not owner of any files on this server. I know about access to files and directories but I thought that by looking in the /etc/passwd and the /etc/group I will get to know with what kind of access these users were created. I see they are in the oinstall group and the 500, 501 etc are just unique id that are given to each account. But I think I was thinking the windows way and see now that I am wrong. So I will have to look at all files in the directory of the application and oracle appsserver to see what kind of access they have, am I correct? Is there no other way, besides installing the webmin to get to the information? It won't be easy to get permission to install webmin...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.