setting perm to files with a patern in the file hame

Carl T. Miller carl at carltm.com
Sat Feb 13 01:46:20 UTC 2010 

Why don't you create three different directories and then
set up the appropriate permissions for each?  That would
do everything that you've said you wanted, and it would
also protect you from someone accidentally creating a file
and misspelling the prefix.

c


ESGLinux wrote:
> Thanks for your answer
>
> your solution is not valid for me because there is a time (before de cron
> runs) that the file has wrong permission and it could be potentially
> accesible by not autorized users.
>
> It could be a solution if I don´t find any thind better :-(
>
>
> Greetings,
>
> ESG
>
> 2010/2/12 Cameron Simpson <cs at zip.com.au>
>
>> On 11Feb2010 19:37, ESGLinux <esggrupos at gmail.com> wrote:
>> | I´m having a problem setting file permission because I need to do a
>> strange
>> | thing.
>> |
>> | I have to set the permission of the files using the name of the file.
>> I´ll
>> | try to explain myself:
>> |
>> | I need a rule that says that if the filename begins with public*
>> everybody
>> | can make all with this file,
>> | If the file begins with private_g1* only the users in the g1 group can
>> | access de the file.
>> | If the file begins with private_g2* only the users in the g2 group can
>> | access de the file.
>> | ....
>> |
>> |
>> | When I create a new file the system must check the file name and
>> assign
>> the
>> | correct permissions.
>> |
>> | With normal security schema I think this is impossible, with acl I
>> don´t
>> | know how to set new files automatically. so, what about selinux? can I
>> make
>> | something like that with it?
>>
>> Probably not.
>>
>> | do you know other alternative?
>>
>> You could have a small shell script. Run it regularly via cron or use
>> the inotify facilities to fun it on files as they get made.
>>
>> A simple find(1) incantation like:
>>
>>  find your-dir \
>>    -name public\* -exec chmod a+rw {} ';' \
>>    -o -name private_g1\* -exec chmod o-rwx {} ';' -exec chgrp g1 {} ';'
>> -exec chmod ug+rw {} ';' \
>>    -o -name private_g2\* -exec chmod o-rwx {} ';' -exec chgrp g2 {} ';'
>> -exec chmod ug+rw {} ';' \
>>    ......
>>
>> Untested.
>> --
>> Cameron Simpson <cs at zip.com.au> DoD#743
>> http://www.cskk.ezoshosting.com/cs/
>>
>> I must not fear.  Fear is the mind-killer.  Fear is the little death
>> that
>> brings total obliteration.  I will face my fear.  I will permit it to
>> pass
>> over me and through me.  And when it has gone past I will turn the inner
>> eye
>> to see its path.  Where the fear has gone there will be nothing.  Only I
>> will
>> remain.
>>        - Frank Herbert _Dune_
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list