Help

Set inherited rights a network group (security group) to a folder or file

Malcolm
Contributor II

Posted on ‎04-19-2016 06:42 PM

My abilities with unix and linux command line is limited, and I've done some brief digging around to find what I am after but haven't come across it yet, only for local user and local groups?

We have lab computers with an App, where for it to work properly the contents folder of the app needs full rights to for network groups of users who would normally have just user rights to the computer.

I haven't found the right command to do it yet

the folder path is /Applications/Arduino.app/Contents
the AD network groups (security groups) are CURRICgs-students & CURRICgs-staff
And I want to apply it to all containing folders and files within Contents.

Funny enough when I built the image, I set the folder rights for everyone, but for some reason, it still required the network groups to be added.

How would I go about writing this command? as I hope to script it, so I don't have to go to each workstation to make the change.

0 Kudos
4 REPLIES 4

Nix4Life
Valued Contributor

Posted on ‎04-19-2016 07:10 PM

@Malcolm We also run Arduino , but I have not seen the issue you are having. I can check in the morning what the settings are but i have not done anything different when deploying it to our labs and updating with autopkg

Larry

0 Kudos

Malcolm
Contributor II

Posted on ‎04-19-2016 08:17 PM

Yeah, im not sure of the story, 10.11.4 and the latest arduino install. Im told the arduino boards, require additional drivers to run. Its the java folder / contents specifically that needs the rights.

Ive found the command line i needed though... Or it appears to be:
Chmod -R +a "group:CURRICgs-staff allow write,read" <folder path>

Im writing this on my lunch vreak so that command line might be a little out.

Its setting a custom permission to the folder and contents, but i havent testef the boards yet.

(edited group: not groups:)

0 Kudos

Malcolm
Contributor II

Posted on ‎04-19-2016 09:43 PM

update:

I actually set it like so in the end, casue it was comming up as custom.. permissions, so they needed more rights applied.

and used ls -le to see the ACL rights applied to the contents, to see ACL applied permissions.

chmod -R +a "group:CURRICgs-staff allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity" /Applications/Arduino.app/Contents
chmod -R +a "group:CURRICgs-students allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity" /Applications/Arduino.app/Contents
chmod -R +a "group:CURRICgs-staff allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity" /Applications/Arduino.app
chmod -R +a "group:CURRICgs-students allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity" /Applications/Arduino.app
0 Kudos

Nix4Life
Valued Contributor

Posted on ‎04-20-2016 09:16 AM

@Malcolm Thanks for that. I was just speaking with the robotics teacher, as he was testing version 1.6.8 and ran into an issue with the board. He thought it was the board, but based on your findings, it appears to be the permission. will give it a try. He is running Yosemite my setting are below:

drwxr-xr-x   3 root     admin   102B May  6  2015 Arduino.app
drwxr-xr-x  9 root  admin   306B May  6  2015 Contents
cd Contents/
Contents $ ls -lhtr
total 16
drwxr-xr-x   3 root  admin   102B May  6  2015 PlugIns
-rw-r--r--   1 root  admin     8B May  6  2015 PkgInfo
-rw-r--r--   1 root  admin   2.4K May  6  2015 Info.plist
drwxr-xr-x   7 root  admin   238B May  6  2015 Resources
drwxr-xr-x  33 root  admin   1.1K May  6  2015 Java
drwxr-xr-x   3 root  admin   102B May  6  2015 _CodeSignature
drwxr-xr-x   3 root  admin   102B May  6  2015 MacOS

Larry

0 Kudos