User Rights on Linux

Help Contents

Introduction

On Linux computers, user rights are assigned to Fernhill SCADA users using this file:

/etc/fernhill-scada/user-rights.conf

To change how user rights are assigned to Fernhill SCADA users you do the following:

  1. Edit the file /etc/fernhill-scada/user-rights.conf
  2. Tell the Fernhill SCADA service to reload its configuration.

The exact steps you should follow depends on the Linux distribution you are using. Choose one of these guides for specific instructions based on your Linux distribution:

Linux DistributionSetup Instructions
Debian Editing User Rights on Debian Linux
Ubuntu Editing User Rights on Ubuntu Linux
Raspbian Editing User Rights on Raspbian Linux (Raspberry Pi hardware)

Editing User Rights on Debian Linux

To change the rights assigned to users on Debian Linux computers:

  1. Switch to the root user

    Use the following substitute user command to change to the root user:

    su root

    Note: You will be prompted to enter the root user password.

  2. Enter this command to open the user rights assignment file:

    vi /etc/fernhill-scada/user-rights.conf

  3. Edit the file /etc/fernhill-scada/user-rights.conf to change how user rights are mapped to users.
  4. Save the file /etc/fernhill-scada/user-rights.conf.
  5. Enter this command to check the new file is in the correct format:

    fernhill-scada -t /etc/fernhill-scada/user-rights.conf

  6. If there are any errors reported, go back to step 1 to edit the file and correct the errors.
  7. To tell the Fernhill SCADA Server to reload the configuration, enter this command:

    systemctl reload fernhill-scada

Editing User Rights on Ubuntu Linux

To change the rights assigned to users on Ubuntu Linux computers:

  1. Enter this command to open the user rights assignment file:

    sudo vi /etc/fernhill-scada/user-rights.conf

  2. Edit the file /etc/fernhill-scada/user-rights.conf to change how user rights are mapped to users.
  3. Save the file /etc/fernhill-scada/user-rights.conf.
  4. Enter this command to check the new file is in the correct format:

    fernhill-scada -t /etc/fernhill-scada/user-rights.conf

  5. If there are any errors reported, go back to step 1 to edit the file and correct the errors.
  6. To tell the Fernhill SCADA Server to reload the configuration, enter this command:

    sudo systemctl reload fernhill-scada

Editing User Rights on Raspbian Linux

To change the rights assigned to users on Raspbian Linux computers:

  1. Enter this command to open the user rights assignment file:

    sudo vi /etc/fernhill-scada/user-rights.conf

  2. Edit the file /etc/fernhill-scada/user-rights.conf to change how user rights are mapped to users.
  3. Save the file /etc/fernhill-scada/user-rights.conf.
  4. Enter this command to check the new file is in the correct format:

    fernhill-scada -t /etc/fernhill-scada/user-rights.conf

  5. If there are any errors reported, go back to step 1 to edit the file and correct the errors.
  6. To tell the Fernhill SCADA Server to reload the configuration, enter this command:

    sudo systemctl reload fernhill-scada

User Rights File Format

The user rights file format consists of one or more user-right declarations:

user-rights-file ::=
  { user-right }

The user-right declaration associates a user id with a set of privileges:

user-right ::=
  user-id : zone-rights {, zone-rights }

The user-id identifies a user or group:

user-right ::=
  [ user-name | @group-name | * ]

Note: The asterisk indicates any user.

The zone-rights defines a set of privileges for a zone:

zone-rights ::=
  zone-name = user-right { + user-right }

The zone-name identifies a zone:

zone-name ::=
  [ World | ZoneA | ZoneB | ZoneC | ZoneD ]

The user-right defines a privilege:

user-right ::=
  [ Full | None | Refresh | Write | Force | Acknowledge | DisableAlarms | Configure ]

See User Rights for the list of user rights.

User Rights Examples

Allow all users access to the Refresh Tag Command:

* : World=Refresh

Grant operator privileges to user Jane:

Jane : World=Refresh+Write+Acknowledge

Grant all privileges to user John for ZoneA only:

John : ZoneA=Full

Grant operator privileges to the group operators:

@operators : World=Refresh+Write+Acknowledge

Note: Applies to all users in the operators group.

Further Information

Editing User Rights on Windows

To learn how to edit user rights on Windows computers.

User Rights

To learn about the different User Rights in Fernhill SCADA.

Fernhill SCADA

To learn about the tools in Fernhill SCADA.

Glossary

For the meaning of terms used in Fernhill SCADA.