Problem with default file access permission
Hi,
I am accessing a common area '/NFS_DATA' by both my java and oracle codes by the users 'javaUsr' and 'oraUsr' respectively.
As per the requirement, the oracle code (oraUsr) needs to create some file in the specified location and then the java code (javaUsr) needs to update those files (created by oraUsr) with some new data.
At present scenario the 'oraUsr' creates files with default access permission644, which does not permit 'javaUsr' to update them.
Constraints : I am not supposed to set umask at the .profile of 'oraUsr'.
Execution of any shell script from oracle procedure is not permitted.
Is it possible to specify file-system specific default file access permissions?
Any idea to overcome this issue?
[842 byte] By [
Amit.Pol] at [2007-11-26 11:24:24]
# 1
> Hi,
>
> I am accessing a common area '/NFS_DATA' by both my
> java and oracle codes by the users 'javaUsr'
> and 'oraUsr' respectively.
>
> As per the requirement, the oracle code
> (oraUsr) needs to create some file in the
> specified location and then the java code
> (javaUsr) needs to update those files (created
> by oraUsr) with some new data.
>
> At present scenario the 'oraUsr' creates files
> with default access permission 644, which does
> not permit 'javaUsr' to update them.
>
> Constraints : I am not supposed to set
> umask at the .profile of 'oraUsr'.
> Execution of any shell script from oracle
> oracle procedure is not permitted.
>
> Is it possible to specify file-system specific
> default file access permissions?
> Any idea to overcome this issue?
You might like to try using File ACLs
man setfacl(1)
as oraUsr
setfacl -s user:oraUsr:rw-,user:javaUsr:rwx,group::r--,other:,mask:rwx file
This way the oraUsr can not execute file
but javausr can
getfacl will show the ACL
user::rw-
user:javaUsr:rwx#effective:rwx
group::rw- #effective:rw-
mask:rwx
other:
hope this helps a bit
