Hi Praveen,
nr FILE ('/etc/Test.txt') audit(SUCCESS FAILURE) comment('securing critical files') defaccess(READ) owner('root')
will give praveen read-only access via defaccess(READ), so the following is redundant:
AUTHORIZE FILE ('/etc/Test.txt') uid('praveen') ACCESS(READ)
I should have been a bit clearer with my previous point "The PIM agent does not override the unix file permissions." If a user does not have unix permissions for an operation on a file, PIM cannot give those permissions. Essentially, unix permissions are still in effect when PIM is running, but PIM can provide more granular permissions on top of them.
I hope this makes sense?
You should also be careful about giving 777 unix permissions because this makes it world writable if PIM is not running for some reason.
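The layering described in the reply above, as an added example that is not part of the original post and not PIM code: a simplified Python model in which an operation succeeds only if the Unix mode bits allow it and, while the agent is running, the PIM rule allows it too. The rule dictionary, the uid 1001 and the function names are constructed for illustration, and group permissions are ignored.

```python
# Simplified model (an assumption, not PIM's real decision engine):
# Unix mode bits are checked first; PIM can only narrow access further.
import stat

def unix_allows(mode, file_uid, uid, op):
    """Check 'r' or 'w' against owner/other mode bits (group bits ignored)."""
    if uid == 0:
        return True  # root is not limited by mode bits
    if uid == file_uid:
        bit = stat.S_IRUSR if op == "r" else stat.S_IWUSR
    else:
        bit = stat.S_IROTH if op == "r" else stat.S_IWOTH
    return bool(mode & bit)

def pim_allows(rule, user, op):
    """Assumed semantics: an explicit ACL entry wins, else defaccess applies."""
    granted = rule["acl"].get(user, rule["defaccess"])
    return {"r": "READ", "w": "WRITE"}[op] in granted

def effective(mode, file_uid, uid, user, op, rule, pim_running=True):
    """Return True if the operation would succeed under this model."""
    if not unix_allows(mode, file_uid, uid, op):
        return False  # PIM cannot grant what Unix denies
    if not pim_running:
        return True   # only the mode bits stand between the user and the file
    return pim_allows(rule, user, op)

# Constructed rule mirroring: nr FILE ('/etc/Test.txt') defaccess(READ) owner('root')
RULE = {"defaccess": {"READ"}, "acl": {}}
# Same rule plus the AUTHORIZE line from the post (redundant with defaccess)
RULE_WITH_ACL = {"defaccess": {"READ"}, "acl": {"praveen": {"READ"}}}
PRAVEEN_UID = 1001  # constructed uid

def summary(mode, rule=RULE):
    """Read/write outcome for praveen with the agent up and with it down."""
    args = (mode, 0, PRAVEEN_UID, "praveen")
    return {
        "pim_up": (effective(*args, "r", rule), effective(*args, "w", rule)),
        "pim_down": (effective(*args, "r", rule, False),
                     effective(*args, "w", rule, False)),
    }

if __name__ == "__main__":
    for mode in (0o777, 0o644, 0o600):
        print(oct(mode), summary(mode))
```

With mode 0o644 the file stays read-only for praveen whether or not the agent is running, which is the safer baseline the last paragraph of the reply points toward.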