简体繁体中英

Can SELinux give a regular user full control of a file system or directory?

原文 2017-05-12 16:32:03 2 1 linux/ permissions/ selinux

We are setting up a Linux machine (CentOS 7 to be exact) to share files within a team. One particular regular user (the boss) will need to be able to read / write / modify / delete all files and directories in the file system or directory where we share files. I just wonder if it is possible to set an SELinux policy to enforce his privilege. In the past we ran a cron job to enforce permissions on all files and directories every ten minutes. I just thought SELinux will be the better way to go if it is possible.

I am also open to any other suggestions. Thanks a lot!

1 answers

Selinux provides a mechanism for supporting access control security policies. If you need to give access to other users , you can use ACLs or file permissions.

setfacl -Rdm u:boss:rwx /shared_dir

setfacl -Rm u:boss:rwx /shared_dir

to view ACLs :- getfacl filename

u:- user

g:- group

d:- default

o:- other

see the man pages for more infor:- man acl

how can I grep a directory and write the full line found to a file

Can git store or control directory user, group or permissions

glibc 2.14 install error selinux.c: error: libaudit.h no such file or directory

how can I get all files including sub directory? (mget -R * Not a regular file / No such file or directory)

Python give full permissions to read/write a file

Read the extended attributes for a file in SELinux

Regular Expression for full Linux File Path

Can't edit a service file in system directory - Read-only file system

Using linux, how can I create a device file outside of the /dev directory that will give me permission to open and read it?

InnoDB: Operating system error number 13 in a file operation not fixed after changing permissions in /var/lib/mysql/ or disabling selinux

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how can I grep a directory and write the full line found to a file Can git store or control directory user, group or permissions glibc 2.14 install error selinux.c: error: libaudit.h no such file or directory how can I get all files including sub directory? (mget -R * Not a regular file / No such file or directory) Python give full permissions to read/write a file Read the extended attributes for a file in SELinux Regular Expression for full Linux File Path Can't edit a service file in system directory - Read-only file system Using linux, how can I create a device file outside of the /dev directory that will give me permission to open and read it? InnoDB: Operating system error number 13 in a file operation not fixed after changing permissions in /var/lib/mysql/ or disabling selinux

Related Tags

Can SELinux give a regular user full control of a file system or directory?

Question

1 answers

solution1 0 2017-05-12 17:33:20

solution1
0 2017-05-12 17:33:20