Skip to main content
Version: 3.25

Directory and file control

The Directory and file control functionality allows the administrator to register settings that will control the permission of Linux files and directories.

This configuration is done through the web interface of the senhasegura where the permission of files and directories, determined, will be indicated for all users of the indicated workstation. That is:

"If for the Documents" directory of the worktation "01" users will receive only the permission of reading, that is, they will only be able to see and list the files and subdirectories contained inside "Documents" (directory) in the workstation "01"."".

  1. By accessing the menu GO Endpoint Manager ➔ Policies ➔ Linux ➔ Access Policies you have access to all registered policies. The policies are segregated into three levels:

    • General: Policies that apply to all devices where senhasegura.go for Linux is active and approved

    • Per device: Policies applied to specific devices

    • By username: Policies that apply only to devices that contain the specific username.

  2. To create a new directory and file control click on the report action New Rule or New rule for workstation;

    info

    If you wish, just edit a record already exists to include directory and file control.

  3. In the form that opens, go to the Control directories and files tab;

  4. In the Permissions section select the type of permission that will be allowed to users in the Permission field:

    • Read: You can only view and list the files and subfiles/subdirectories

    • Write: You can edit a file or modify the content of a directory

    • Execution: You can execute a file or access a directory

  5. In the Directory or file field indicate the path complete of the file or directory you want to be controlled.

  6. Click the Add button to include permission for control. If you wish, perform the previous steps to add more files and directories to be controlled.

  7. In the group or user field, insert the name of the domain security group or the username of a local or domain user;

  8. In the Block rules section select the type of permission that will be not allowed to users in the Permission field:

    • Read: View and list the files and subfiles/subdirectories

    • Write: Edit a file or modify the contents of a directory

    • Execution: Execute a file or access a directory

  9. In the Directory or file field indicate the complete path of the file or directory you want to be controlled.

  10. Click the Add button to include permission for control. If you wish, perform the previous steps to add more files and directories to be controlled.

    1. If you have chosen the control option Workstation segregation the form will present a tab called Workstation.

    2. When accessing this tab click the add button and select from the list the workstaions that were part of this configuration and click Add.

  11. To finish click Save

At the end perform a workstation access where the control was configured and try to perform the permissions that were blocked or allowed.

Alias

In GO Endpoint Manager ➔ Policies ➔ Linux ➔ Access Policies when creating New rule, the Alias tab on the Access policy Register screen allows creating command aliases through PEDM Linux/Unix.

Alternative names for commands

In this tab you can create new aliases to manage the commands that are most used and have shortcuts for creating very long text:

Alias: Fill in the shortcut or nickname for larger commands, thus speeding up the use of the terminal.

Command: Fill in the command that will be used in the terminal.