How give a user id read access toa directory

[TG1]

I'm trying to give our "operator" id read access to a specific directory so they can view logs. "operator" is not the directory owner and they don't belong to the "intface" group
Directory:
drwxrws--- 2 oracle intface 512 Apr 13 09:09 testdir
Log files:
-rwxrwx--- 1 oracle intface 605 Apr 08 12:24 test.log
-rwxrwx--- 1 oracle intface 605 Apr 08 12:34 test1.log

I don't want to change all the higher directories to world-read, so what else can I try?

 

[ggauthier]

Two alternatives jump to mind:

a) sudo
setup sudo to allow "more" on the files

b) ACLS
change the ACL for the files to permit read access for the specific account. This would need to be set for the upper directories if they are limited to owner, group access only


gg

 

[hfaix]

A third option would be to add the operator to the needed group for reading the files.

 

[TG1]

the sudo worked out perfectly using the "more" command just on the directories I want them to view.
Thanks for the help.

 

[Mag0007]

Hmm, be careful the user may be able to edit the file.

more file
and enter the vi mode (by pressing v)


Make sure that does not work.

 

[hfaix]

exactly like Mag0007 said it. If you give a user "sudo more", then you get the vi (type v in a more). If you give them vi.... you unleash the world.

 

[TG1]

As the "operator", I could get into vi mode but I didn't have the privs to save the file. So we should be ok.

 

[Mag0007]

Okay. Just checking

Goodluck