Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP 9000 Networking: Advanced Server/9000 Administrator's Guide > Chapter 2 Handling Files

AS/U and HP-UX File Access Permissions
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

Advanced Server/9000 client permissions are checked before HP-UX file permissions. If a user's access is restricted because of the Advanced Server/9000 access control list, then access is denied without regard to the HP-UX file permissions.

When an Advanced Server/9000 user attempts to access a file or directory, the access must be allowed by two sets of permissions: Advanced Server/9000 permissions created through the File Manager, and HP-UX system file and directory permissions.

When an Advanced Server/9000 user attempts to access a file, the set of HP-UX system permissions that are applied is governed by the following rules:

  • If the Advanced Server/9000 user has not been mapped to an HP-UX system user account, then the HP-UX user and group default are the Advanced Server/9000 user lmworld and one of the special Advanced Server/9000 HP-UX system groups. Permissions are set by using Advanced Server/9000 apply.

  • If the Advanced Server/9000 user has been mapped to an HP -UX system user account using the mapuname command, and that HP-UX system user account is the same as the HP-UX system owner of the file or directory, then the owner permissions apply.

  • If the Advanced Server/9000 user has been mapped to an HP -UX system user account and the HP-UX system user account belongs to the HP-UX system group of the file or directory, then the group permissions apply.

  • If the group of the file or directory is one of the eight special Advanced Server/9000 HP-UX system groups--DOS----, DOS-a--, DOS--s-, DOS---h, DOS-as-, DOS--sh, DOS-a-h, DOS-ash--then the group permissions apply. (The Advanced Server/9000 makes use of the group field to indicate if a file is hidden (h), system (s), or archive (a). It uses these group names to identify the various combinations of attributes.)

  • Otherwise, the permissions for Others apply.

For example, if a file named proposal has the HP-UX system permissions rw-r--r-- with owner fmd and group DOS-a--, and the Advanced Server/9000 user fred is mapped to the HP-UX system user fmd, and the Advanced server permissions grant all users Read & Write permission, then the Advanced server user fred would be allowed to read and write the file. All other Advanced Server/9000 users who do not map to the HP-UX system user fmd would be limited to Read permission because the HP-UX system permissions allow only Read access for users other than the owner.

For more information on sharing and permissions, see"Managing Shared Resources and Resource Security" in the Advanced Server/9000 Concepts and Planning Guide.



Configure keepunixgroups to Retain UNIX GIDs or DOS Attributes
  		 


Permissions when HP-UX User is Not File Owner  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1997 Hewlett-Packard Development Company, L.P.