I want to share common data within a cluster of servers via network shares. There will be one share folder on each server, which all the other servers can access. The server processes that will be accessing this data are currently running as SYSTEM. I would like to restrict the permissions on these folders so that only the processes running on the other servers in the cluster can access the share. I do NOT want [...]

We have a website, with a file: www.example.com/apis/httpapi.asp This file is used by the site internally to make requests joining two systems on the website together (one is Classic ASP, the other ASP.net). However, we do not want the public to be able to access the file. In IIS7.5, is there a setting I can do to make this file internal only? I’ve tried rewriting the URL for it but this rewrite is also applied [...]

I accidentally changed ownership of /usr/bin/sudo to my current user (i also did this for some other stuff in my /usr directory). I can’t change any of them back because I need ownership of /usr/bin/sudo to be root to do so. I do not have root access because I’m on an Amazon EC2 instance running linux. Here’s what I did (foolishly I know): sudo chown -R ec2-user.ec2-user /usr/ I’ve also hosed a ton of other [...]

I’m writing a program (in Python) that needs to modify a system file, /etc/aliases in this case. The software is a web application that typically will run under a dedicated web user, ie “www”, “www-data”, “apache” or similar. How should I set up access control (file permissions, file ownership and groups) to enable the program to modify /etc/aliases without opening permissions too much? The easy way is to make /etc/aliases owned by the web user. [...]

How can I copy a file’s user/owner permissions to it’s group permissions? For example if the permissions are 755 I want them to become 775. Clarification: 755 -> 775 123 -> 113 abc -> aac Bonus if I can do this recursively for all files in a directory. (That is, for every file the ownder permissions are copied to the group permissions. Each file may have different permissions.) you can use g=u to make the [...]

This is on a test machine, not production. I included the following in a user’s .bashrc: umask 000 I relogged in. When I go to create a file in my home directory, say using vi test.txt, the file gets permission rw-rw-rw. I also tried setting umask manually: umask a=rwx What am I doing wrong, as I need the equivalent of CHMOD 0777 or 0755 on files and directories? Again, this is a test situation, so [...]

I have a directory with the following default ACLs: default:user:phptutor:rwx However, none of the files/directories in that directory have that default permission (because it was added after they were created). How can I copy the default ACLs of a parent directory to every folder and file in it? Use getfacl to get the default permissions from the directory and then pipe the result into setfacl to apply it. Something like this should work: getfacl -d [...]

Using the configuration file my.cnf, I’ve set mysql to run as a different user. It works fine, only every time I restart the daemon it changes ownership of the mysql data directory to mysql.mysql and removes write permissions for the group. The end result is it runs as a different user unable to write to its own data. Does anybody understand what’s going on here? Is this a mysql bug? A fedora issue? Am I [...]

Help, I have a mission critical VPS runing Ubuntu 10.04 , which I am using for django. the web-app has been running fine for a month and then suddenly I can’t write to the sqlite database anymore, getting an “disk i/o” error (no problems reading from it though). which from what I can tell is usually permission problem. Nothing worked so I tried reseting the permissions to 777 and owner to www-data allong on the [...]

I get the following log error when I try to run my website locally on my OS X Snow Leopard: [error] [client 127.0.0.1] (13)Permission denied: access to / denied I have enabled the virtual hosts and I have the following settings: <VirtualHost *:80> DocumentRoot “/Dropbox/lang/www” ServerName llang <Directory “/Dropbox/lang/www” > Options Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews AllowOverride All Order allow,deny Allow from all </Directory> Where am I getting it wrong? Apache (running as user [...]