Pure-ftpd - different permissions for virtual users?

Similar Messages

• How to gain different permissions than the user's current logon provides?

  I have a computer on a local network which contains a shared folder, and I've granted reading permissions for all users.
  How can I grant a certain Java application, or gain from a certain application, which a user running on a different computer, permission to write to that folder without granting this user the permission?
  Basically I need to create a situation when the other users can add files to the folder only through my Java application.
  Thanks.

  You are right i wouldn't like to change owner. But I would like the program to be able identify itself as a different user who has writing privileges, or something of that sort, in order for it to have permissions. Something similar to the 'runas' command in windows.

• How can you define a different homepage for a user?

  Hi
  I am fairly new to Application express, I have created an application but I would like to define a different homepage for a user when they login. Of course I can modifiy the PLSQL code:
  wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v('APP_SESSION'),
  P_FLOW_PAGE => :APP_ID||':1'
  With a different page, however I would like to setup a different home page depending on the user that logs in - I tried setting up a conditional process specifying P_101_USERNAME but this did not work...any ideas on how this can be achieved?

  Hi
  Thank you for your response, I have created the function:
  create or replace function "GETDEFPAGE"
  (auser in VARCHAR2)
  return VARCHAR2
  is
  Defpage number;
  begin
  select DefaultPageNumber into Defpage from users_table where username='aUser';
  return Defpage;
  end;
  Can you please assist me on how I can call the function in the login process within the block:
  wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v('APP_SESSION'),
  P_FLOW_PAGE => :APP_ID||':1'
  );

• How to check whether a file got read permissions for perticular user

  Problem: Let JRE is running with some x as effective user in LINUX then while checking file permission it is checking permission on that file for that x user.
  File f = new File(�file name�)
  if(f.exists())
       System.out.println(�exists�);
  Else
       System.out.println(�does not exists�);
  The above code prints exists only when x user have permissions on that file
  Requirement: I would like to check whether a file got read permissions for particular user i.e. whether y user got permissions on that file.
  Any help is appreciated

  In Linux a user has to have read permission on a file to even see that it exists. As a result, if a user (or a group to which they belong) doesn't have read access to the file File.exists() will return false. Windows which doesn't have as tightly controlled access to files will admit that a file exists whether it can be read or not.
  PS.
  This is proof that I should never answer a question off the top of my head when I haven't had my red bull yet. This is wrong. You will be able to see it if you have read and execute on the directory.
  thumps self in head
  Message was edited by:
  puckstopper31

• Files to download without any permissions for guest user.

  Hello, i have created a KM Navi Iview, with path to /documents/.../...
  When i go to
  http://portal/irj/portal/anonymous i see a list of files, but i can copy,delete and rename files (permissions for guest are: read), how can i solve this, if i need only download permissions for guest?

  Hello Artem,
  Please do not remove the Guest User from its groups.
  The Guest User is an integral part of the "Anonymous Users" group which ultmately falls under "Everyone" Group. How did you remove Guest User as only Config tool allows you to do that.
  What I suggest is make a Portal Group of Users and add all your regular users to it. Give Read/Write permission to this group. Then add only Read permissions for Anonymous Users Group.
  Hope this helped.

• Effective permissions for LDAP user that is a member of multiple groups?

  We use AD and LDAP group maps to authenticate to UCS, and I'm trying to understand the effective permissions when a user is a member of multiple LDAP groups, each with different UCSM permissions.
  I expected that UCS would grant access based on the union of the effective permissions specified in UCS, but instead it appears to use the permissions of just one of the groups, and it's unclear whether the selection is random or deterministic. If this is expected behaviour, is there a way to affect the selection process?
  Cheers,
  Paul

  Hi,
  I tested the issue on SharePoint server 2013 without sp installed. It worked and I used global security group. I will test the issue on SharePoint 2013 sp1 later, and please provide more information to narrow down the issue.
  Please go to site settings > site permissions > check permission, type in domain\user1, and post the result here.
  If the user has been granted permission, please try logging on another machine to test if Windows credential casues the issue.
  Did the issue occur to one site collection? Please test on other sites or web applications?
  Please create new user to test the issue again.
  Regards,
  Rebecca Tu
  TechNet Community Support

• Permissions for Linux user accessing Leopard share

  We have a very simple networking setup at our video post production facility. Basically, files are shared everywhere and to everyone. No open directory or DNS serving. Just AFP and SMB.
  Our Linux based Smoke/Flame/Lustre system needs access to the files severed/shared by an Xserve with a big attached RAID. It has no problem connecting or seeing the files. However, it typically is denied write permissions. When the Smoke operator creates a folder on the share he can't access the folder until I grant the Others/Everyone group read and write perms. The Linux user logs in with the same user account that everyone else uses.
  Some time ago, the always smashing Gerrit DeWitt gave me some terminal commands to set ACLs for users/groups of this shared RAID. They work beautifully and I have had no permissions issues since applying them. Except for this Linux system.
  Would it be good practice to use this command to set the Everyone group permissions for this share?
  sudo chmod -R +ai "group:everyone allow readattr,readextattr,readsecurity,\
  list,search,read,execute,writeattr,writeextattr,delete,\
  append,write,deletechild,add_file,addsubdirectory,\
  fileinherit,directoryinherit" "/Volumes/RAIDH/Smoke_InfernoStorage"
  Also, is there some configuration change I could make to the Linux system to make it a little more Mac compatible in this area?
  Thanks

  It's worth checking into - let us know what you find. What you describe certainly sounds like a problem with permission propagation settings for SMB / Samba since the AFP side works fine.
  I've seen other posts about problems that crop up because of differences in the versions of Samba employed between systems, so that's a possibility as well. And I'd have no suggestions for you in that regard other than some searching of the web for clues as to how to work with that issue.
  -Doug

• Chroot SFTP for virtual users

  Anyone tried this on Arch?
  http://www.minstrel.org.uk/papers/sftp/
  Basically allowing chrooted virtual users SFTP access (no users/shell access). I thought of switching completely to SFTP from FTP/SSL, but don't want to add a user for each virtual host.
  Last edited by phrozen (2013-08-24 15:54:51)

  To allow virtual user on the site, you need add a SAML authenticator provider to the security realm. From the log, I don’t see there is a SAML authenticator configured. This SAML authentication provider is used by SAMLIA to authenticate (in fact, it simply returns an authenticated identity) the virtual users.
  You should also pay attention to the control flags of the newly added SAML authenticator and your existing DefaultAtn provider. For example, the control flags can be set like this:
  SAML Authenticator - SUFFICIENT
  DefaultAtn - SUFFICIENT
  If DefaultAtn’s control flag is set to REQUIRED, “Virtual Users” will not work, too.

• Wrong home directory permissions for new users

  Hi everyone.
  I reinstalled my laptop the other day and ran into a rather strange problem: after a system update new users had their permissions totally screwed. It took me 3-4 reinstalls to notice, as i was also playing with lvm2 &co. Anyway, on fresh installations from either 2008.06 or 2009.02, everything works fine. As soon as i update to the latest package versions (including 2.6.29 kernel) and create a new user, permissions on the new home directory are screwed up to the point where the user can't access it.
  Old directory permissions:
  drwx------ 33 jasn users 4,0K 17. Apr 13:21 jasn
  drwx------ 2 root root 16K 17. Apr 12:15 lost+found
  New directory permissions:
  drw-rw--w- 2 jasm users 4,0K 17. Apr 13:43 jasm
  drwx------ 33 jasn users 4,0K 17. Apr 13:21 jasn
  drwx------ 2 root root 16K 17. Apr 12:15 lost+found
  Logging in to "jasm" results in
  No directory, logging in with HOME=/
  [jasm@host /]$
  The whole mess can be fixed by changing the permissions on the home directory, but all that can't be on purpose, can it? I also don't know which package update (if it even was caused by one) causes this behaviour and if this only happens to me, so i didn't file a bug report.
  Has anyone already seen this? I solved it after 1.5 days of puzzled (and strangely unsuccessful) googling and reinstalling, so perhaps someone who runs into the same problem can use this to fix it.
  Last edited by JASN (2009-04-17 17:09:34)

  umask is not really the correct thing to do in this case, as this resets the permissions for every file the user creates. Afaik, the umask setting has to be installed on every machine via the launchd-user.conf file (to contain simply: umask 002) (or whatever is appropriate for your facility), as umask is a property of the process, not the connection.
  What might work better for your problem is make the homedirs world and group non-readable. That way the user creates files within their homedirs and anywhere below, but everyone else can't read them regardless of the files' permissions because the directory itself is unreadable.

• Read/Write Permissions for all users and all objects in Users:Shared

  Hi:
  I am using an application called "iView" to manage my image files. When importing images from my camera through that application, it creates a folder with the current date. The root folder is "Users:Shared:Images", so that everyone using our Mac can access the files. However, the files' permissions are only read/write for the user who downloaded the files (typically me), but I want everyone to be able to edit and delete files. Of course I can change the permissions manually, but there has to be a better way. (In addition, changing the permissions manually afterwards causes Time Machine to backup the files with the modified permissions again).
  What do I have to do?
  Thanks in advance.
  Hinrich

  That is the way that permissions work. If you are the owner of a file and want others to be able to read and write it, then you have to give them the permission to do so. To automate this, you can attach a folder action to the shared folder, for example:
  <pre style="
  font-family: Monaco, 'Courier New', Courier, monospace;
  font-size: 10px;
  margin: 0px;
  padding: 5px;
  border: 1px solid #000000;
  width: 720px;
  color: #000000;
  background-color: #FFDDFF;
  overflow: auto;"
  title="this text can be pasted into the Script Editor">
  on adding folder items to ThisFolder after receiving AddedItems
  repeat with AnItem in AddedItems
  tell application "Finder" to set everyones privileges of AnItem to read write
  end repeat
  end adding folder items to
  </pre>

• Can Exchange have 2 different mailboxes for same user

  hey guys,
  I need to know whether Exchange 2010/2013 can have two mailboxes for the same user e.g.
  1st mailbox is configured to send and receive emails for: xxxxpride.co.ke and 
  2nd mailbox is configured to send and receive emails for: xxxxsolutions.co.ke
  is this possible? if not how should i go about this scenario?
  will it mean I have to run two different exchange and AD servers which will have a different public IP?

  No you can not have 2 mailbox for one user. Because, mailbox is associated with AD account and you need authentication to send emails.
  In this case you can do  following 
  1. Create a different user account with 2nd email address and Forward that 2nd email to first one. So User is reading 2 email in one mailbox. TO send email from 2nd mailbox assign the send as permission to first account.
  2. Add the Alias email address in your first mailbox. (By doing so) User will recieve the emails for both address but cant send from 2nd email address.
   You can have multiple domains configured to recive and send emails in one exchange server.Yes certainly
  we can create multiple recipient for multiple domains.. Under authoritative domains section of hub transport. External Relay and Internal relay and authoritative domains can be created. you can create email address policies for each domain as well. See the
  link below to understand more.
  http://technet.microsoft.com/en-us/library/aa996314%28v=exchg.150%29.aspx
  UMESH DEUJA MCP,MCTS,MCSA,CCNA

• PCD Business Objects Permissions for Authenticated users

  Hi All,
  I am working on SRM7.0 Business package installed on Portal NW7.01.
  I wanted to understand Which permissions should i provide to "Business Objects" PCD Folder for Authenticated users.
  Should it be Administrator "None" and End User "ON"
  Or Should it be Administrator "Read" and End User "ON"
  Regards,
  Ashish Shah

  Hi Sandeep,
  I was wondering what is the need of assigning permissions to "Everyone" Group and "Authenticated Users"
  2. Group: Everyone(built in group)
  Administrator:Read
  Enduser:checked
  3. Group:: Authenticated Users(built in group)
  Administrator:Read
  Enduser:checked.
  If i am not using Anonymous users , should i only assign this permission?
  Group:: Authenticated Users(built in group)
  Administrator:Read
  Enduser:checked.
  Regards,
  Ashish Shah

• Is it possible to setup a different language for the user account?

  Hi,
  My server is in English but many of my users will use French.
  Can I setup in WGM a different language (international) for the user?

  The settings are changed in at least three locations for a user account. Changes are made to ~/Library/Preferences/.GlobalPreferences, ~/Library/Preferences/com.apple.HIToolBox.plist, and ~/Library/Preferences/ByHost/com.apple.HIToolBox.<MACAddress>.plist. There are a lot of keys in there that get changed and might vary between 10.4.x and 10.5.x -if you have a mixed OS environment. So while you you may be able to import the first two into WGM, the last one might be the most trouble as it's machine specific.
  If you gave access to the 'International' System Prefpane, it wouldn't affect anything but the student account since their prefs are saved to a network location or to their local PHD account. Changes would revert to whatever the system default preferences were on logout. Those would be the prefs in /Library/Preferences.
  The 'International' System Prefpane has many listings for the other language choices that are installed on the system which could be a source of confusion for student users. Removing those resources, using certain tools like MonoLingual, can make certain software behave badly or even make the system unusable. Use with caution.

• Changing Calendar Permissions for All Users in PowerShell

  We just recently deployed Exchange 2010 and are needing to set the permissions to all users to an Editor level.  Can this be done in PowerShell?

  Hi,
  Please try the following commands:
  $all=Get-Mailbox -RecipientTypeDetails UserMailbox
  $all | ForEach {Set-MailboxFolderPermission -Identity “$($_.alias):\Calendar” -User default-AccessRights "Editor"}
  Hope it helps.
  Thanks,
  Winnie Liang
  TechNet Community Support

• SharePoint 2013 permissions for each user

  I am working on my own SharePoint 2013 test site and I need to grant permission to the test accounts. I want to make certain the 3 test accounts can not see the lists, files, and workflows that the other users created.
  Do I need to grant permission at the site level, user level, custom list level, for each workflow, and/or for each custom form? Do I invite each user and/or 'share' with each user? Can you tell me and/or point me to a source that will tell me what level
  of permission I need and how to grant this type of permission?

  Wendy,
  In sharepoint, you can grant permission at any level you want. That permission will carry forward by default until someone break them and configure unique permission.
  In ideal case, we recommend to use share security group to grant permission and not grant to individual user. Also try to restrict 2 default site group (Owner/member/viewer) as much possible, but in reality ppl break these rule often and eventually end up
  with maintenance overhead.
  I will recommenced you and everyone to go through this nice ppt which clears sharepoint permission idea in our mind.
  Here you go - SharePoint
  Permissions Worst Practices
  Please 'propose as answer' if it helped you, also 'vote helpful' if you like this reply.