User Rights on Linux and macOS

Help Contents

Introduction

On Linux and macOS computers, user rights are assigned to Fernhill SCADA users using this file:

/etc/fernhill-scada/user-rights.conf

To change how user rights are assigned to Fernhill SCADA users you do the following:

  1. Edit the file /etc/fernhill-scada/user-rights.conf
  2. Tell the Fernhill SCADA service to reload its configuration.

The exact steps you should follow depends on the Linux distribution you are using. Choose one of these guides for specific instructions based on your Linux distribution:

Linux DistributionSetup Instructions
Debian Editing User Rights on Debian Linux
Ubuntu Editing User Rights on Ubuntu Linux
Raspberry Pi OS Editing User Rights on Raspberry Pi OS (Raspberry Pi hardware)

Editing User Rights on Debian Linux

To change the rights assigned to users on Debian Linux computers:

  1. Switch to the root user

    Use the following substitute user command to change to the root user:

    su root

    Note: You will be prompted to enter the root user password.

  2. Enter this command to open the user rights assignment file:

    vi /etc/fernhill-scada/user-rights.conf

  3. Edit the file /etc/fernhill-scada/user-rights.conf to change how user rights are mapped to users.
  4. Save the file /etc/fernhill-scada/user-rights.conf.
  5. Enter this command to check the new file is in the correct format:

    fernhill-scada -t/etc/fernhill-scada/user-rights.conf

  6. If there are any errors reported, go back to step 1 to edit the file and correct the errors.
  7. To tell the Fernhill SCADA Server to reload the configuration, enter this command:

    systemctl reload fernhill-scada

Editing User Rights on Ubuntu Linux

To change the rights assigned to users on Ubuntu Linux computers:

  1. Enter this command to open the user rights assignment file:

    sudo vi /etc/fernhill-scada/user-rights.conf

  2. Edit the file /etc/fernhill-scada/user-rights.conf to change how user rights are mapped to users.
  3. Save the file /etc/fernhill-scada/user-rights.conf.
  4. Enter this command to check the new file is in the correct format:

    fernhill-scada -t/etc/fernhill-scada/user-rights.conf

  5. If there are any errors reported, go back to step 1 to edit the file and correct the errors.
  6. To tell the Fernhill SCADA Server to reload the configuration, enter this command:

    sudo systemctl reload fernhill-scada

Editing User Rights on Raspberry Pi OS

To change the rights assigned to users on Raspberry Pi OS computers:

  1. Enter this command to open the user rights assignment file:

    sudo vi /etc/fernhill-scada/user-rights.conf

  2. Edit the file /etc/fernhill-scada/user-rights.conf to change how user rights are mapped to users.
  3. Save the file /etc/fernhill-scada/user-rights.conf.
  4. Enter this command to check the new file is in the correct format:

    fernhill-scada -t/etc/fernhill-scada/user-rights.conf

  5. If there are any errors reported, go back to step 1 to edit the file and correct the errors.
  6. To tell the Fernhill SCADA Server to reload the configuration, enter this command:

    sudo systemctl reload fernhill-scada

User Rights File Format

The user rights file format consists of one or more user-right declarations:

user-rights-file ::=
  { user-right }

The user-right declaration associates a user-id with a set of privileges:

user-right ::=
  user-id : zone-rights {, zone-rights } ';'

The user-id identifies a user or group:

user-right ::=
  [ user-name | @group-name | * ]

Note: The asterisk indicates any user.

The zone-rights defines a set of privileges for a zone:

zone-rights ::=
  zone-name = user-right { + user-right }

The zone-name identifies a zone:

zone-name ::=
  [ World | ZoneA | ZoneB | ZoneC | ZoneD ]

The user-right defines a privilege:

user-right ::=
  [ Full | None | Refresh | Write | Force | Acknowledge | DirectWrite | DisableAlarms | Configure ]

See User Rights for the list of user rights.

User Rights Examples

Allow all users access to the Refresh Tag Command:

* : World=Refresh;

Grant operator privileges to user Jane:

Jane : World=Refresh+Write+Acknowledge;

Grant all privileges to user John for ZoneA only:

John : ZoneA=Full;

Grant operator privileges for ZoneA and full privileges for ZoneB to user Fred:

Fred : ZoneA=Refresh+Write+Acknowledge, ZoneB=Full;

Grant operator privileges to the group operators:

@operators : World=Refresh+Write+Acknowledge;

Note: Applies to all users in the operators group.

Further Information

Editing User Rights on Windows

To learn how to edit user rights on Windows computers.

User Rights

To learn about the different User Rights in Fernhill SCADA.

Fernhill SCADA Server

To learn more about the Fernhill SCADA Server.

Fernhill SCADA

To learn about the tools in Fernhill SCADA.

Glossary

For the meaning of terms used in Fernhill SCADA.