Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: To Change the user during runtime
Top Forums Shell Programming and Scripting To Change the user during runtime Post 302159046 by frank_rizzo on Thursday 17th of January 2008 01:06:56 AM
Old 01-17-2008
Quote:
Originally Posted by dhanamurthy
Another way to do it is i.e if you want to change to the user to the owner of the file then you can use 's' bit. i.e the setuid bit on the file. So the executable when it runs , runs as if the owner of the executable is running it

I highly recommend against doing this. This is a very bad for security and avoid it at all costs. Some systems like AIX will ignore the setuid bit on a shell script. Use a sudo like solution.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to link to some lib in runtime as a nonsuper user?

My program is written in cpp and it uses a non standard library. I have compiled successfully by linking it to the library. But when i try to run the program. it give a error message like: "error while loading shared libraries: ***.so: cannot open shared object file: No such file or directory"... (2 Replies)
Discussion started by: zzz_zzz
2 Replies

2. Shell Programming and Scripting

How do i change to super user then revert back to ordinary user ,using shell script?

Hi all, I am trying to eject the cdrom from a livecd after certain stage... Now assuming that it is possible to eject,please consider my issue!!! The OS boots into a regular user by default...so i am unable to use the eject command to push out the drive... However if i try pfexec eject it... (3 Replies)
Discussion started by: wrapster
3 Replies

3. UNIX for Dummies Questions & Answers

change user> to user@host> ssh prompt

Hi, I was wondering how to change the prompt for my ssh login. At the moment it is like user> while I'd like it to be as user@host> It is in the .bash_profile or .ssh ??? Thanks (2 Replies)
Discussion started by: pmasterkim
2 Replies

4. Shell Programming and Scripting

Change user

Hi, I have to change many times user in a script. With the command su userName I receive the request for password. I need to open a session with another user I would put the password at the beginning. How can I do it? Thanks, bye bye. ---------- Post updated 22-04-10 at 10:58 AM ----------... (9 Replies)
Discussion started by: abdujaparov
9 Replies

5. Solaris

how to change /export/home/user dir to /home /user in solaris

Hi all i am using solaris 10, i am creating user with useradd -d/home/user -m -s /bin/sh user user is created with in the following path /export/home/user (auto mount) i need the user to be created like this (/home as default home directory ) useradd -d /home/user -m -s /bin/sh... (2 Replies)
Discussion started by: kalyankalyan
2 Replies

6. AIX

How to change normal user id to LDAP user id?

If I create a new user id test: mkuser id=400 test then I want it to LDAP user: chuser -R LDAP SYSTEM=LDAP registry=LDAP test It shows: 3004-687 User "test" does not exist. How to do? (4 Replies)
Discussion started by: rainbow_bean
4 Replies

7. Shell Programming and Scripting

Passwordless sftp using a different user than the runtime user

I am running a shell script as user A. In that script I need to execute a sftp that would transfer the file using another user B. I am using the below command: sftp -oPort22 B@remote server However, I am getting password prompts each time. I have done the following: Added the public... (4 Replies)
Discussion started by: mady135
4 Replies

8. Red Hat

Runtime Error Enable user directory apache

Hi I am exactly according to this link CentOS 6 - Apache httpd - Enable Userdir : Server World I Enabled userDirectory Server version: Apache/2.2.15 CentOS release 6.8 (Final) But Iget this Error Forbidden You don't have permission to access /~mn/index.html on this server Goal... (2 Replies)
Discussion started by: mnnn
2 Replies

9. Shell Programming and Scripting

Change user

Hi All, need your assistance, how can i change user again after i change my user. here is the code that i tried su - myuser #success su - webuser ##what i want to try is to change user again to webuser from myuser account my output is it cannot change to webuser account. only in... (8 Replies)
Discussion started by: meister29
8 Replies

LEARN ABOUT XFREE86

fs_setcell

FS_SETCELL(1)						       AFS Command Reference						     FS_SETCELL(1)

NAME
       fs_setcell - Configures permissions for setuid programs from specified cells

SYNOPSIS
       fs setcell -cell <cell name>+ [-suid] [-nosuid] [-help]

       fs setce -c <cell name>+ [-s] [-n] [-h]

DESCRIPTION
       The fs setcell command sets whether the Cache Manager allows programs (and other executable files) from each cell named by the -cell
       argument to run with setuid permission. By default, the Cache Manager allows programs from its home cell to run with setuid permission, but
       not programs from any foreign cells. A program belongs to the same cell as the file server machine that houses the volume in which the
       program's binary file resides, as specified in the file server machine's /etc/openafs/server/ThisCell file. The Cache Manager determines
       its own home cell by reading the /etc/openafs/ThisCell file at initialization.

       To enable programs from each specified cell to run with setuid permission, include the -suid flag. To prohibit programs from running with
       setuid permission, include the -nosuid flag, or omit both flags.

       The fs setcell command directly alters a cell's setuid status as recorded in kernel memory, so rebooting the machine is unnecessary.
       However, non-default settings do not persist across reboots of the machine unless the appropriate fs setcell command appears in the
       machine's AFS initialization file.

       To display a cell's setuid status, issue the fs getcellstatus command.

CAUTIONS
       AFS does not recognize effective UID: if a setuid program accesses AFS files and directories, it does so using the current AFS identity of
       the AFS user who initialized the program, not of the program's owner.  Only the local file system recognizes effective UID.

       Only members of the system:administrators group can turn on the setuid mode bit on an AFS file or directory.

       When the setuid mode bit is turned on, the UNIX "ls -l" command displays the third user mode bit as an "s" instead of an "x". However, the
       "s" does not appear on an AFS file or directory unless setuid permission is enabled for the cell in which the file resides.

OPTIONS
       -cell <cell name>+
	   Names each cell for which to set setuid status. Provide the fully qualified domain name, or a shortened form that disambiguates it from
	   the other cells listed in the local /etc/openafs/CellServDB file.

       -suid
	   Allows programs from each specified cell to run with setuid privilege. Provide it or the -nosuid flag, or omit both flags to disallow
	   programs from running with setuid privilege.

       -nosuid
	   Prevents programs from each specified cell from running with setuid privilege. Provide it or the -suid flag, or omit both flags to
	   disallow programs form running with setuid privilege.

       -help
	   Prints the online help for this command. All other valid options are ignored.

EXAMPLES
       The following command enables executable files from the State University cell to run with setuid privilege on the local machine:

	  % fs setcell -cell stateu.edu -suid

PRIVILEGE REQUIRED
       The issuer must be logged in as the local superuser root.

SEE ALSO
       fs_getcellstatus(1)

COPYRIGHT
       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD by software written by Chas
       Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

OpenAFS 							    2012-03-26							     FS_SETCELL(1)
All times are GMT -4. The time now is 06:51 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy