|
|
Sponsored Content
Operating Systems
AIX
sudo must be setuid root.
Post 302399332 by pludi on Saturday 27th of February 2010 09:23:45 AM
02-27-2010
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Discussion started by: johnmsucpe
6 Replies
2. Linux
Hi all..
I'm secering a RH 2.1 server, with gnome (not my choice...), as X manager.
Is ther anyway to get sudo ask for root password other then the actual user's password? Like when you launch the graphical IHM to create a new user, it asks for root's password? Is there a way to do the same... (5 Replies)
Discussion started by: penguin-friend
5 Replies
3. UNIX for Advanced & Expert Users
Hi,
I have a program with the following suid setup
-rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server
It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above.
But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies
4. UNIX for Dummies Questions & Answers
I'm actually working with a Ubuntu-System here and have a question about executing a command with 'sudo'.
I tried and got a error message like "not allowed".
After this I logged in with 'sudo -s' and typed the command without 'sudo'. This worked well.
Can please somebody explain me this... (0 Replies)
Discussion started by: daWonderer
0 Replies
5. UNIX for Dummies Questions & Answers
I've been through many threads before i decide to create a separate thread.
I can't really find the solution to my (simple) problem.
Here's what I'm trying to achieve:
As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user.
The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies
6. UNIX for Dummies Questions & Answers
Anyone able to explain why if i run "sudo -i" or "sudo -s" i am able to get into root by just keying my own password?
How to avoid this from happening coz i need all the users to use su - only. (2 Replies)
Discussion started by: timmywong
2 Replies
7. Red Hat
I have a set of RHEL 5 boxes running our ERP software on Oracle databases. I need to allow my DBA's to su to oracle and one other account (banner) without knowing the oracle or banner password. But I need to prevent them from su'ing to any other user especially root. I only want them to be able to... (1 Reply)
Discussion started by: westmoreland
1 Replies
8. Solaris
Hello,
It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only.
This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file.
Is it possible to give... (9 Replies)
Discussion started by: solaris_1977
9 Replies
9. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
10. UNIX for Beginners Questions & Answers
I have a coworker that has set up some funky aliases in /etc/bash.alias, and he insists on leaving them that way. For example he aliased "ll" to "ls -lahtr", which really bugs me.
Anyway, I was wondering if there were a way for me to sudo to root without reading /etc/bash.alias, or maybe have... (6 Replies)
Discussion started by: paqman
6 Replies
LEARN ABOUT HPUX
chmod
chmod(1) General Commands Manual chmod(1) NAME
chmod - change file mode access permissions SYNOPSIS
symbolic_mode_list file ... Obsolescent form numeric_mode file ... DESCRIPTION
The command changes the permissions of one or more files according to the value of symbolic_mode_list or numeric_mode. You can display the current permissions for a file with the command (see ls(1)). Only the owner of a file, or a user with appropriate privileges, can change its mode. Only a user having appropriate privileges can set (or retain, if previously set) the sticky bit of a regular file. If the sticky bit is set on a directory, files inside the directory may be renamed or removed only by the owner of the file, the owner of the directory, or the superuser (even if the modes of the directory would otherwise allow such an operation). In order to set the set-group-ID bit, the group of the file must correspond to your current group ID. If is used on a symbolic link, the mode of the file referred to by the link is changed. Options The command recognizes the following options: Preserve any optional access control list (ACL) entries associated with the file (HFS file systems only). By default, in conformance with the IEEE Standard POSIX 1003.1-1988, optional HFS ACL entries are deleted. For JFS ACLs, this option has no effect, because optional JFS ACL entries are always preserved. For information about access control lists, see acl(5) and aclv(5). Recursively change the file mode bits. For each file operand that names a directory, alters the file mode bits of the named directory and all files and subdirecto- ries in the file hierarchy below it. Operands The command recognizes the following operands: file Targe file for which the permissions are changes. numeric-mode Numeric value used to determine permission on a specified file. See the section for more information. symbolic-mode-list List of operations used to determine permissions on a specified file. See the section for more information. Symbolic Mode List A symbolic_mode_list is a comma-separated list of operations in the following form. Whitespace is not permitted. [who]op[permission The variable fields can have the following values: who One or more of the following letters: Modify permissions for user (owner). Modify permissions for group. Modify permissions for others. Modify permissions for all users is equivalent to op Required; one of the following symbols: Add permission to the existing file mode bits of who. Delete permission from the existing file mode bits of who. Replace the existing mode bits of who with permission. permission One or more of the following letters: Add or delete the read permission for who. Add or delete the write permission for who. Add or delete the execute file (search directory) permission for who. Add or delete the set-owner-ID-on-file-execution or set-group-ID-on-file-execution permission for who. Useful only if or is expressed or implied in who. Add or delete the sticky bit permission. Useful only if is expressed or implied in who. See chmod(2). Conditionally add or delete the execute/search permission as follows: o If file is a directory, add or delete the search permission to the existing file mode for who. (Same as o If file is not a directory, and the current file permissions include the execute permission displays an or an for at least one of user, group, or other, then add or delete the execute file permission for who. o If file is not a directory, and no execute permissions are set in the current file mode, then do not change any execute permission. Or one only of the following letters: Copy the current user permissions to who. Copy the current group permissions to who. Copy the current other permissions to who. The operations are performed in the order specified, and can override preceding operations specified in the same command line. If who is omitted, the and permissions are changed for all users if the changes are permitted by the current file mode creation mask (see umask(1)). The and permissions are changed as if was specified in who. Omitting permission is useful only when used with to delete all permissions. Numeric Mode (Obsolescent) Absolute permissions can be set by specifying a numeric_mode, an octal number constructed from the logical OR (sum) of the following mode bits: Miscellaneous mode bits: Permission mode bits: EXTERNAL INFLUENCES
Environment Variables determines the language in which messages are displayed. If is not specified or is null, it defaults to the value of If is not specified or is null, it defaults to (see lang(5)). If any internationalization variable contains an invalid setting, all internationalization variables default to See environ(5). International Code Set Support Single- and multibyte character code sets are supported. RETURN VALUE
Upon completion, returns one of the following values: Successful completion. An error condition occurred. EXAMPLES
Deny write permission to others: Make a file executable by everybody: Assign read and execute permission to everybody, and set the set-user-ID bit: Assign read and write permission to the file owner, and read permission to everybody else: or the obsolescent form: Traverse a directory subtree making all regular files readable by user and group only, and all executables and directories executable (searchable) by everyone: If the current value of is displays do not change write permission for group) and the current permissions for file are displayed by as then the command sets the permissions to displayed by as If the current value of is displays do not change write permission for group) and the current permissions for file are displayed by as then the command sets the permissions to displayed by as DEPENDENCIES
The option causes to fail on file systems that do not support ACLs. AUTHOR
was developed by AT&T and HP. SEE ALSO
chacl(1), ls(1), umask(1), chmod(2), acl(5), aclv(5). STANDARDS CONFORMANCE
chmod(1)