A.17 RIGHTS

A.17.1 RIGHTS (Linux)

The Trustee Rights Utility ( rights) for OES Linux allows you to specify trustee rights for directories and files in the NSS file system. This utility does not provide support for trustees on Linux file systems. It is also not meant to be used to set trustees for NSS volumes on OES NetWare. The trustee information is saved in the file and directory metadata in the NSS volume and works seamlessly with OES NetWare if the volume is moved to OES NetWare.

Syntax

rights [OPTIONS]

rights [TOPTIONS] trustee username

rights [DOPTIONS] delete username

rights [IOPTIONS] irf

rights [EROPTIONS] effective username

rights [SOPTIONS] show

Options

ACTIONS

The first argument indicates the action to be taken.

Option

Description

 
trustee

Adds or modifies a trustee on a file or directory.

 
delete

Removes a trustee from a file or directory.

 
irf

Sets the inherited rights filter on a directory.

 
effective

Displays a user’s effective rights.

 
show

Displays the trustees and inherited rights filter.

OPTIONS

Option

Description

 
-v, --version

Displays the program version information.

 
-h, --help

Displays the help screen.

TOPTIONS

Option

Description

 
-r, --rights=MASK

Specifies the rights to be given to this trustee. For more information, see MASK.

If the No Rights (n) option is assigned, the trustee is removed.

If rights are not specified, the default assignment is Read and File Scan rights.

 
-f, --file=filename

Specifies the name of file or directory to assign trustees to. Filename is the path for the file or directory. For example: 

-f /users/username/userfile.sxi

--file=/designs/topsecret

If a file or directory is not specified, the current directory is used.

DOPTIONS

Option

Description

 
-f, --file=filename

Specifies the name of file or directory to delete trustees from. Filename is the path for the file or directory.

If a file or directory is not specified, the current directory is used.

IOPTIONS

Option

Description

 
-r, --rights=MASK

Specifies the rights to be passed through the filter. For more information, see MASK.

If rights are not specified, the default assignment is All Rights.

 
-f, --file=filename

Specifies the name of the directory where the filter is to be applied. Filename is the path for the directory.

If a directory is not specified, the current directory is used.

EROPTIONS

Option

Description

 
-f, --file=filename

Specifies the name of file or directory where effective right are to be calculated. Filename is the path for the file or directory.

If a file or directory is not specified, the current directory is used.

SOPTIONS

Option

Description

 
-f, --file=filename

Specifies the name of the file or directory to display a list of trustees for that file or directory.

If a file or directory is not specified, the current directory is used.

USERNAME

The username is the Full Distinguished Name of a Novell eDirectory™ object, including the tree name. For example: username. context. treename or joe.engineer.acme_tree.

MASK

The mask is a string of characters, with each character representing a type of rights. The following table lists the rights, the letter to use for each right, and what the right is used for.

Right

Letter

Description

 
Supervisor

s

Grant all rights to the file or directory.

 
Read

r

Open and read files in the directory.

 
Write

w

Open and write to files in the directory.

 
Create

c

Create files and subdirectories.

 
Erase

e

Erase files and directories.

 
Modify

m

Rename files and directories, and change file attributes.

 
File Scan

f

View and search on file and directory names in the file system structure.

 
Access Control

a

Add and remove trustees, and change trustee rights to files and directories.

 
No Rights

n

Remove all rights.

 
All Rights

all

Add All rights except Supervisor.

Example

rights -f /designs/topsecret -r rwfc trustee joe.engineer.acme_tree

This command assigns Read, Write, File Scan, and Create rights to the /designs/topsecret directory for user Joe in the engineer context of the acme_tree eDirectory tree.

See Also

For information about setting file system directory and file attributes, see ATTRIB (Linux).

A.17.2 RIGHTS (NetWare)

Use at a workstation to do the following:

  • View or modify user or group rights for files

  • View or modify user or group rights for directories and volumes

RIGHTS is a client-side application, not a server-side application. Install the Novell Client for Windows on your workstation, then use the Novell Map Network Drive option in the client menu to map a local drive letter to the sys:/public directory. Open a DOS Command Prompt window, cd to the mapped drive, then issue the rights command from the command line.

Syntax

RIGHTS path [[ + | - ] rights] [/option...] [/? | /VER]

Parameter

Description

 
path

Specify the path to the file, directory, or volume you want to modify or view rights to (you must always specify a path).

 
+ | -

Add or delete the specified rights. See Using RIGHTS.

 
rights

Specify one or more file or directory rights. See File and Directory Rights.

 
/option

Replace option with any available option. See RIGHTS Options. 

/?

View online help. All other parameters are ignored when /? is used. 

/VER

View the version number of the utility and the list of files it uses to execute. All other parameters are ignored when /VER is used.

RIGHTS Options

Option

Description

 
/C

Scroll continuously through output.

 
/F

View the Inherited Rights Filter (IRF).

 
/I

View the trustee and group rights that created the inherited rights, and view where the inherited rights came from.

 
/NAME=username

View or modify rights for the user or group listed. Replace username with the name of the user or group whose rights you want to view or modify. 

/S

View or modify subdirectories below the current level.

 
/T

View trustee assignments in a directory.

File and Directory Rights

The following table lists the rights, the letter to use for each right, and what the right is used for.

Right

Letter

Description

Supervisor

 
S

Grant all rights to the file or directory.

Read

 
R

Open and read files in the directory.

Write

 
W

Open and write to files in the directory.

Create

 
C

Create files and subdirectories.

Erase

 
E

Erase files and directories.

Modify

 
M

Rename files and directories, and change file attributes.

File Scan

 
F

View and search on file and directory names in the file system structure.

Access Control

 
A

Add and remove trustees and change trustee rights to files and directories.

No Rights

 
N

Remove all rights.

Remove

 
REM

Remove the user or group as a trustee of the specified file or directory.

All

 
ALL

Add All rights except Supervisor.

Using RIGHTS

  • If you use + (plus) to add rights, the rights you list are added to the existing rights.

  • If you use - (minus) to remove rights, the rights you list are deleted from the existing rights.

  • If you add and delete rights in the same command, group all added rights together and all deleted rights together.

  • If you list rights without using + or -, the rights you list replace the existing rights.

  • You must always specify a path. You can use a period ( .) to represent your current directory.

  • You can use wildcard characters.

Examples

  • To set the trustee rights in the current directory for user JANICE to Read, Write, and File Scan, type

    RIGHTS . R W F /NAME=JANICE

  • To remove user ERNESTO from SYS:USERS, type 

    RIGHTS SYS:USERS REM /NAME=ERNESTO

  • To see where user PATRICK’s inherited rights came from for SYS:USERS\HOME, type 

    RIGHTS SYS:USERS\HOME /NAME=PATRICK /I