4.13.28 Acquiring access authority of a file or folder
Function
This plug-in outputs the authority information for the specified file on the Windows or UNIX execution target server. If you specify a folder, the plug-in outputs the authority information for the specified folder. The property of this plug-in allows the use of wild cards ("*","?",",") for only the path for the target file (common.targetFilePath property).
The file output format is as below. If authority information for more than one file is output, a line feed is inserted between the files.
- Windows
"Path","AccessToString"
"<target-file-path>", <user> Deny <authority>:<user> Allow <authority>
Note: For Windows, all authorities of files for each user are output.
- Unix
<target-file-path>,<access-authority(number)>,<access-authority(symbol)>,<owner's-user-name>,<owner's-group-name>
<access-permission(number)> consists of the owner's access permission, the group's access permission, and other access permissions in order from left to right.
<access-permission(symbol)> consists of symbols that indicate whether the path specified to the common.targetFilePath property belongs to a file (-), folder (d), or symbolic link (l), as well as the owner's access permission, the group's access permission, and other access permissions in order from left to right.
The numbers and symbols used for <access-permission(number)> and <access-permission(symbol)> are as follows.
Number: Symbol: Description
: -: File
: d: Folder
: l: Symbolic link
0: ---: No access permission is set.
1: --x: Execution permission
2: -w-: Write permission
3: -wx: Execution permission, write permission
4: r--: Read permission
5: r-x: Execution permission, read permission
6: rw-: Write permission, read permission
7: rwx: Execution permission, write permission, read permission
Example: <access-permission(number)>, <access-permission(symbol): 644,-rw-r--r--
The prerequisite server for this plug-in is as follows:
- Execution target server
This server is used as the target for executing this plug-in.
The scripts in this plug-in perform the following processing:
- Checking the path for the target file (specified for the common.targetFilePath property) and the path for the output destination file (specified for the common.destinationFilePath property)
- Executing the following commands:
- Windows
Get-Acl -Path "<target-file-path>(the+F9 common.targetFilePath property)"
For details about the Get-Acl commandlet, visit the Microsoft library Web site.
- UNIX
stat -c%n,%a,%A,%U,%G <target-file-path>(the common.targetFilePath property)
For details on the stat command, run the man command of the OS to acquire the command information.
- Overwriting the file access permissions to the output destination file path (the common.destinationFilePath property); if no file exists, a new file is created.
Use situation
Use this if you want to leave, as evidence, a file describing access authority of the file specified after using the "file or folder access authority change" plug-in.
Prerequisites
For the latest support status of the following items, see the Release notes: Prerequisite products on the execution target server, and running OS for prerequisite products on the execution target server.
In addition, the following OS and products use abbreviations. For the abbreviations of OS and products, see the "Preface".
Prerequisite products on the execution target server:
None
Running OS on the execution target server:
(1) Windows Server
(2) Red Hat Enterprise Linux Server
(3) Oracle Linux
Conditions of using the execution target server:
None
Cautions
(1) Do not use a character string containing a double quotation mark (") or a single quotation mark (') in a plug-in property.
(2) If the running OS on the execution target server is Windows, the connected user defined for the agentless connection destination requires read permission for the specified file.
(3) This plug-in allows the use of wild cards (* ? [ ]) for only the path for the target file (the common.targetFilePath property).
(4) This plug-in does not support drives or registries. Therefore, do not specify a drive or registry for the path of the target file (the common.targetFilePath property).
(5) If the running OS on the execution target server is Unix, do not specify a path that contains a space as the path for the target file (common.targetFilePath property). If you specify such a path, this plug-in will terminate abnormally.
(6) If a file is already specified for the output destination file path (common.destinationFilePath property), that file is overwritten. Therefore, make sure that the specified file name is correct.
(7) If no folder exists on the output destination file path (common.destinationFilePath property), the system creates that folder and outputs the result in it.
Version
02.00.01
Plug-in tags
Gather OS information,Windows,Linux
Plug-in name displayed in the task log
osGetPermission
Return code
0: Normal
12: Error (Mistake by user) Invalid property
27: Error (check task logs for the nature of error)
41: Error (error detected in plugin) Missing property (error detected in plugin script)
Property list
The following table lists the properties:
Property key |
Property name |
Description |
Default value |
I/O type |
Required |
---|---|---|---|---|---|
plugin.destinationHost |
Host name of the execution target server |
Specify the host name or IP address of the server on which this plugin will be executed. IPv6 addresses are not supported. |
-- |
Input |
R |
common.targetFilePath |
Target file path |
Enter the full path of the target file. |
-- |
Input |
R |
common.destinationFilePath |
File output path |
Enter the full path of the file output path. |
-- |
Input |
R |
common.returnValue |
Return value for the plugin |
The return value of this plugin stored. |
-- |
Output |
O |