This discussion is archived
7 Replies Latest reply: Apr 30, 2013 6:34 AM by TommyReynolds RSS

user permissions on folder

Richa Newbie
Currently Being Moderated
Hi,
Got a strange requirement.
Application base location - /Oracle/appl/test
Application os user - appl
We need to create a folder in such a way that application user (appl) can have full excess of that folder but another OS user (eg. appltest) can see the files (read only) can extract the files from that folder to his PC but should not able to edit that folder / files and should not be able to drop / delete any file / folder in that main folder.
Any suggestions with commands?
  • 1. Re: user permissions on folder
    EdStevens Guru
    Currently Being Moderated
    Richa wrote:
    Hi,
    Got a strange requirement.
    Application base location - /Oracle/appl/test
    Application os user - appl
    We need to create a folder in such a way that application user (appl) can have full excess of that folder but another OS user (eg. appltest) can see the files (read only) can extract the files from that folder to his PC but should not able to edit that folder / files and should not be able to drop / delete any file / folder in that main folder.
    Any suggestions with commands?
    man chmod
  • 2. Re: user permissions on folder
    Richa Newbie
    Currently Being Moderated
    Hi,
    yes it will be by using chmod but this scenario is difficult.
    Please help
  • 3. Re: user permissions on folder
    EdStevens Guru
    Currently Being Moderated
    Richa wrote:
    Hi,
    yes it will be by using chmod but this scenario is difficult.
    Please help
    What's so difficult?


    chmod 774 .....

    Give your 'app' user membership in the owning group. He'll have full permissions. Don't put the 'read-only' user in owning group. He'll be considered 'other' and so will have 'read only'.
  • 4. Re: user permissions on folder
    Dude! Guru
    Currently Being Moderated
    ... can extract the files from that folder to his PC ...
    To set up access restirctions and allowing users to transfer or extract files to other systems are different matters. I suggest to look into file sharing services like samba, nfs or sshfs, which can be configured to allow local and remote users to access files and folders as you described. However, since you have not given us any information about your Linux system or client requirements, no further info is reasonable.
  • 5. Re: user permissions on folder
    alvaromiranda Explorer
    Currently Being Moderated
    Hello,

    If the filesystem support ACL, you should use ACL.

    give 750 to the ownwer/group of the main user who will write/create the files

    and you can use ACL to gran a user to just read those files.
  • 6. Re: user permissions on folder
    Richa Newbie
    Currently Being Moderated
    Still have issue.
    The new user is created but it can easily access all folders and can download them.
  • 7. Re: user permissions on folder
    TommyReynolds Expert
    Currently Being Moderated
    Application base location - /Oracle/appl/test
    Application os user - appl
    We need to create a folder in such a way that application user (appl) can have full excess of that folder but another OS user (eg. appltest) can see the files (read only) can extract the files from that folder to his PC but should not able to edit that folder / files and should not be able to drop / delete any file / folder in that main folder.
    To get started for a Linux-only setup:
    # groupadd viewers
    # usermod -G viewers appl
    # usermod -G viewers appltest
    # chown -R appl:viewers /Oracle/appl/test
    # chmod 0755 /Oracle/appl/test
    Now, how does appltest access the files from his PC? How appltest authenticates with the server is crucial here.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points