Previous Topic: Synchronization with Native UNIX SecurityNext Topic: HP-UX Limitations


Example: Synchronization

The following example involves a file named /var/temp/newdata and a user named fowler, and assumes that a record in the FILE class already represents the file.

  1. Shut down the seosd daemon, so you can edit the seos.ini file:
    # secons ‑s
    
  2. Logged in as a user with permission to edit the seos.ini file, edit the seos.ini file to make the SyncUnixFilePerms line, in the [seos] section, look like this:
    SyncUnixFilePerms = acl
    

    Remember, acl means that the UNIX option adjusts the UNIX ACL according to the CA ControlMinder ACL. The UNIX option will have this function as long as the token remains set to acl.

  3. Restart the seosd daemon:
    # seosd
    
  4. Invoke selang, then issue the following selang command:
    authorize FILE /var/tmp/newdata uid(fowler) access(r w) unix
    

    The command gives fowler Read and Write access to the new data file and, by specifying the UNIX option, it grants the corresponding native UNIX permissions.