1839248 Members
2777 Online
110137 Solutions
New Discussion

Grant user's right

 
SOLVED
Go to solution
Jorge Cocomess
Super Advisor

Grant user's right

Greetings,

The file permission is set to rw,rw,r -- How do I give a specific user "John" permission to run a process without world's permission? As root I can do chmod 666 or 777 to a file, but I would like this user to be able to run a process to process this file without having to run chmod prior to.

Please help!!

Thank you in advance.

Jorge
7 REPLIES 7
Jorge Cocomess
Super Advisor

Re: Grant user's right

Yes, this would be in RHAS 3.0.

Thanks,
George Liu_4
Trusted Contributor
Solution

Re: Grant user's right

a couple of ways.
1. add John to the group where the file belongs to
2. Change the program to allow suid for appropriate owner/group-ship
spex
Honored Contributor

Re: Grant user's right

Hi Jorge,

There are many ways to accomplish this:

1) Create a wrapper script to execute 'sudo -u owner file', or teach John the syntax. Make sure john is set up in sudoers.

2) Create a new group and make john a member. Then 'chgrp newgroup file && chmod g+x file'.

3) Create a wrapper script that checks for john's uid and executes 'file' in the event of a match. Make sure to 'setuid' or 'setgid' for the script appropriately.

4) Use an ACL. RHEL 3.0 has ACL support for ext3 built into the kernel. To enable ACLs for a filesystem, use the '-o acl' option to 'mount'. Then:

# setfacl -m u:john:rwx file

Of course, if this is the only instance you'll use ACLs on the filesystem, it's overkill.

PCS
Jorge Cocomess
Super Advisor

Re: Grant user's right

Hello,

I'd like to say thanks for all your suggestions. However, I'm still learning Linux, therefore, I would need more details such as the command to add seudo user account, etc.

Thanks,
Jorge
Jorge Cocomess
Super Advisor

Re: Grant user's right

I added the user "John" to the sudoers file. By testing, I logged as him and find that "John" still have the permission as he did before. Once I modified the sudoers file, do I need to stop & restart sudoers service or some sort before it can work?

Please help!!
Manuel Wolfshant
Trusted Contributor

Re: Grant user's right

Jorge, in order to use sudo you must do 2 things:
a) as root, use visudo to edit the /etc/sudoers file and add a line similar to:
john ALL=(ALL) command to run including parameters
b) as user john, run:
sudo command to run including parameters

The alternative is to follow spex's suggestion number 4. Just mount the filesystem with the "acl" option and grant execute permission to the user. spex has provided step by step instructions for that.
Jorge Cocomess
Super Advisor

Re: Grant user's right

Hi,

Dummy me...I forgot to run "sudo su -" command after I logged in as john. It's now working prefectly.

However, I would like to know more about ACL - I know ACL pretty well the VMS world, but lost when I read the docs online for Linux.

Does anyone here have step-by-step instructions on setting up ACL in RHAS 2.1 AS?

Thanks anyone for your help!!

Have a great weekend.

Jorge