[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] tail -f /var/log/maillog & allowing non-admin users to see in real time??

Subject: Re: [cobalt-users] tail -f /var/log/maillog & allowing non-admin users to see in real time??
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Thu Dec 26 10:10:00 2002
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Jerry Farquhar wrote:

> I'm wondering if it might be possible to some how allow only certain users
> on a RAQ4 the ability to view the results of "tail -f /var/log/maillog" in
> real time so as to dispel any concerns or questions of email sending and
> receiving properly.  I only want to allow limited access "View Only" & "Only
> for Certain Users".
> 
> Is there a easy way of accomplishing this?

Yes...

Here's the directory entry for my maillog file:

-rw-------   1 root     root       141985 Dec 26 09:43 maillog

It's owned by root, and the "owning" group is also root. It's readable
and writeable only by root.

So I'd create a new group (just create an entry directly in /etc/group:

maillog:x:33:user1,user2,user3,etc

Where maillog is the name of the group I've chosen for this example...

Where x is an x, just like it shows (it means there's no group password;
group passwords were originally defined in the unix spec, but nobody I
know has ever used them)...

Where 33 is a group number (gid) I chose at random because (a) it's NOT
already used on my system (be sure to check yours; just grep the
/etc/group file for 33) and (b) it doesn't interfere with the numbering
the RaQ sets up for groups it adds, which start at 113 on my system...

Where user1 is a user to be assigned to the group, as is user2, as is
user3, as is etc.  The format is simple, just add a username to be added
to the group, and a comma (no spaces) between them, except no comma
after the last one.

Then save the /etc/group file.  You don't need to restart anything; the
file is read in realtime by any program or system call that needs it.

Then change the permissions of /var/log/maillog as follows:

# chmod g+r /var/log/maillog
# chgrp maillog /var/log/maillog

When you're done, the directory listing will look something like this:

-rw-r-----   1 root     maillog    141985 Dec 26 09:43 maillog

Every user assigned to the group (up to the group membership limit
imposed by Linux) will be able to tail maillog.

Jeff
-- 
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
Internet & Unix/Linux/Sun/Cobalt Consulting +1 909 778-9980
Our jblists address used on lists is for list email only
To contact us offlist: "http://www.nobaloney.net/contactus.html";

References:
- [cobalt-users] tail -f /var/log/maillog & allowing non-admin users to see in real time??
  - From: Jerry Farquhar

Prev by Date: Re: [cobalt-users] User exists but doesn't show up in the GUI.
Next by Date: RE: [cobalt-users] tail -f /var/log/maillog & allowing non-admin users to see in real time??
Previous by thread: RE: [cobalt-users] tail -f /var/log/maillog & allowing non-admin users to see in real time??
Next by thread: RE: [cobalt-users] tail -f /var/log/maillog & allowing non-admin users to see in real time??

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index