File: README

package info (click to toggle)
trustees 2.8-2
  • links: PTS
  • area: main
  • in suites: woody
  • size: 404 kB
  • ctags: 13
  • sloc: ansic: 258
file content (59 lines) | stat: -rw-r--r-- 2,221 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
This is quick installation instructions for UNIX trustees.
This software is (c) V.L. Zavadsky, 1999-2000 
This software is covered by GPL.
See http://www.braysystems.com/linux/trustees.html for the most recent version
The patch provided can be applied to any 2.2.X or 2.4.X kernel. 
cd /usr/src
and
patch -p0 <trustees.XX.patch
cd linux
make xconfig or menuconfig or config
Answer Yes to CONFIG_TRUSTEES question (in FileSystems section)
make dep; make install; make modules; make modules_install

_________________________________
create file /etc/trustee.conf using the bundled files as examples.
These are some sample lines with comments
[dev/hda1]/shared/directory/name:+writers:RWEBX:+readers:REBX  - this is the most typical situation. Group writes has write access to the entire /shared/directory/name directory, but group readers - just read only
{//samba_server/share_name}/shared/directory/name/top_secret:+security:!DRWEBX - nobody except security grop members can not use top_secret directory 



The file format is follows
[/block/device]/real_directory_path:user_or_group_name:symbols:user_or_group_name:symbols..........
[/network/share/name]/real_directory_path:user_or_group_name:symbols:user_or_group_name:symbols..........
/block/device - name of block device, minor and major are really used
[/network/share/name - name of netwok share, should be the same as in /proc/mounts
real_directory_path==path with no symlinks, first / is mandatory, last / is prohibited
If group name is used here, it should be prefixed by +
The following symbols are available:
R - Read any files
W -Write files and directories
B - Browse (like UNIX execute for directories)
E- rEad directories
X - eXecute files
U - use UNIX permissions - set by default


Modificators

C - Clear the permissions (instead of set them)
D -Deny access (instead of grant)
! The trustee object applies to all except user or group
O- One level. The trustee object applies to the surectory and files in in, not to subdirectories

____________________________

Add settrustee to any startup script
(e.g. rc.local) or use aclsfs SYSV srcipt
If your may modify the permission system, it is a good idea to add 
settrustee -f call to crontab