System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

give read permission to a certain user to a certain file

Aristotle
Advisor

give read permission to a certain user to a certain file

I want to give user1 a read permission to a restricted /tmp/test22/admin/aaa but an error always occur.
I tried some commands below. But still i get an error.

#setacl -m u:user1:r-- /tmp/test22/admin/aaa
# find /tmp/test22/admin/aaa -exec setacl -m u:user1:r /tmp/test22/admin/aaa {} \;
# find /tmp/test22/admin/aaa -exec setacl -m u:user1:r /tmp/test22/admin/aaa {} ';'

OUTPUT:
$whoami
user1
$ cat /tmp/test22/admin/aaa
cat: Cannot open /tmp/test22/admin/aaa: Permission denied
$ cat /tmp/test22/admin/aaa
cat: Cannot open /tmp/test22/admin/aaa: Permission denied
$




10 REPLIES
Dennis Handly
Acclaimed Contributor

Re: give read permission to a certain user to a certain file

I'm not sure why you are using a find command with the explicit path to the file?
Only use setactl(1).

What does "ll /tmp/test22/admin/aaa" show?

You also need to make sure the user has X access on the directories: /tmp/test22 /tmp/test22/admin
Jeeshan
Honored Contributor

Re: give read permission to a certain user to a certain file

to read a file you need to open first, means execute permission.

#setacl -m u:user1:r-x /tmp/test22/admin/aaa
a warrior never quits
Aristotle
Advisor

Re: give read permission to a certain user to a certain file

Still the error occurs. And I just followed the permission in oracle directory. I want some user to view a file their. So i made a a directory and have a similar permissions throught the subdirectory. I already tried this one:
setacl -m u:user1:r-x /tmp/test22/admin/aaa

but still it occurs. And im not really fond of using

-x beacuse what if the file is executable.
Dennis Handly
Acclaimed Contributor

Re: give read permission to a certain user to a certain file

>ahsan: to read a file you need to open first, means execute permission.

This (X) is only needed for directories and executables.
Aristotle
Advisor

Re: give read permission to a certain user to a certain file

yeah i know but the problem has not been solved :)

still permission denied. i could not afford to change the permission of /tmp/test22/admin.

So all i have to do is to setacl. BUt setacl cannot solve the problem.
Dennis Handly
Acclaimed Contributor

Re: give read permission to a certain user to a certain file

>still permission denied. i could not afford to change the permission of /tmp/test22/admin.
>So all iI have to do is to setacl. But setacl cannot solve the problem.

You need to use setacl on /tmp/test22/admin:
setacl -m u:user1:--x /tmp/test22/admin
Aristotle
Advisor

Re: give read permission to a certain user to a certain file

:)

setacl -m u:aris:--x /tmp/test22/admin/aaa has no effect :)
Dennis Handly
Acclaimed Contributor

Re: give read permission to a certain user to a certain file

>setacl -m u:aris:--x /tmp/test22/admin/aaa has no effect :)

Please provide the output for the whole path:
getacl / /tmp /tmp/test22 tmp/test22/admin /tmp/test22/admin/aaa
Aristotle
Advisor

Re: give read permission to a certain user to a certain file


# getacl / /tmp /tmp/test22 tmp/test22/admin /tmp/test22/admin/aaa
# file: /
# owner: root
# group: root
user::rwx
group::r-x
class:r-x
other:r-x

# file: /tmp
# owner: root
# group: root
user::rwx
group::rwx
class:rwx
other:rwx

# file: /tmp/test22
# owner: root
# group: sys
user::rw-
user:aris:r-x
group::rw-
class:rwx
other:---

file "tmp/test22/admin" not found
# file: /tmp/test22/admin/aaa
# owner: root
# group: sys
user::rw-
user:aris:--x
group::rw-
class:rwx
other:---
#
Dennis Handly
Acclaimed Contributor

Re: give read permission to a certain user to a certain file

# getacl / /tmp /tmp/test22 tmp/test22/admin /tmp/test22/admin/aaa
file "tmp/test22/admin" not found

Oops, a typo, that should be: /tmp/test22/admin

aris has access to /tmp & /tmp/test22. I don't know about /tmp/test22/admin.

aris has no read access to /tmp/test22/admin/aaa. If this is not an executable, then remove X and add R.