02-26-2009
I run it as following , but it doesn't work, could you tell me what's wrong with it? it's solaris 10 system, I wonder whether the version disable the feature, how to verify that?
1.
$ pwd
/home/steven
$ id
uid=100(steven) gid=1(other)
-rwsrwxr-x 1 etrust root 49 2月 27 01:02 modifyfile
-rwx------ 1 etrust root 56 2月 27 01:02 etrustfile
modifyfile will modify the content of etrustfile. It should be accessed by etrust only. and I set modifyfile as rws. I want to run modifyfile as steven, but it shows I can't modfiy the etrustfile still. what's the porblem?
$ cat modifyfile
echo "add this line to etrustfile" >> etrustfile
$ modifyfile
modifyfile: etrustfile: cannot create
Thanks
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have a C wrapper programme which basically execute a shell script. The shell script has 700 as permission and oracle is owner of the shell script.
The C execuatble has 4711 permission so that means that it has setuid bit set and group and others can execute the C executable.
The reason why I am... (2 Replies)
Discussion started by: sanjay92
2 Replies
2. UNIX for Dummies Questions & Answers
could u plz give me clear idea of spcial permissions setuid,getuid and striky bit . (1 Reply)
Discussion started by: Prem
1 Replies
3. UNIX for Dummies Questions & Answers
Hi,
I have a Oracle Database on Solaris 5.10 .
Following file are showing with SUID/GUID bits .
-rwsr-xr-x root dba /optware/oracle/10.2.0.2/db/bin/extjob
What will happen if this is changed to oracle dba .
I need to know the will there be a effect if the owner of extjob is... (3 Replies)
Discussion started by: reply2soumya
3 Replies
4. UNIX for Advanced & Expert Users
hello,
i've a backup of a xen image which was tar'ed. i extracted the tarfile with --preserve and moved it to the lvm partition useing cp -p to preserve the ownership informations of the files in this step too.
but unfortunatly after extracting the archive some uid and guids which are present... (5 Replies)
Discussion started by: coffeecup
5 Replies
5. UNIX for Dummies Questions & Answers
Dear all,
what is SUID,GUID and Sticky bit permission?
can anyone gave me explanation with example?
thanks in advance.. (2 Replies)
Discussion started by: masthan25
2 Replies
6. AIX
Hi,
I am harsath , am new to UNIX- Aix ust started to learning , interested in working with servers , is it necessary to know shell scripting before learning aix, will i get job only if i know aix ....
pls reply..... Thanks in advance.... (2 Replies)
Discussion started by: harsath24330
2 Replies
7. Shell Programming and Scripting
I'm fairly new to scripting, and need some help in extracting a piece of data from some output I have. This is what the original output looks like:
.--------------------------------------------------------------------------------------.
| GUID | C1 | C2 ... (3 Replies)
Discussion started by: Akilleez
3 Replies
8. UNIX for Dummies Questions & Answers
Hi,
Any can explain the difference between the normal execute permission for the file and GUID of the file.
Since the normal execute permission has right to execute file why there is need of providing GUID for the same file.
Also share some examples for SUID and SGID programs.
Regards... (3 Replies)
Discussion started by: ksgnathan
3 Replies
9. UNIX for Dummies Questions & Answers
when I executed tar xvf jre-7u7-soloris-i586.tar.gz it created the last entry with user as 10 and group as 143. When I execute the cd to the jrel directory I get directory not found error. Not sure why this is happening. I am in the root account just trying to install Java Enterprise.
... (2 Replies)
Discussion started by: Fingerz
2 Replies
10. UNIX for Beginners Questions & Answers
Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ?
So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ?
... (2 Replies)
Discussion started by: sreyan32
2 Replies
LEARN ABOUT DEBIAN
dpns-setacl
DPNS-SETACL(1) DPNS User Commands DPNS-SETACL(1)
NAME
dpns-setacl - set DPNS directory/file access control lists
SYNOPSIS
dpns-setacl [-d] [-m] [-s] acl_entries path...
DESCRIPTION
dpns-setacl sets the Access Control List associated with a DPNS directory/file.
acl_entries is a comma separated list of entries. Each entry has colon separated fields: ACL type, id (uid or gid), permission. Only direc-
tories can have default ACL entries.
The entries look like:
user::perm
user:uid:perm
group::perm
group:gid:perm
mask:perm
other:perm
default:user::perm
default:user:uid:perm
default:group::perm
default:group:gid:perm
default:mask:perm
default:other:perm
The ACL type can be abbreviated to the first letter. The first "user" entry gives the permissions granted to the owner of the file. The
following "user" entries show the permissions granted to specific users, they are sorted in ascending order of uid. The first "group"
entry gives the permissions granted to the group owner of the file. The following "group" entries show the permissions granted to specific
groups, they are sorted in ascending order of gid. The "mask" entry is the maximum permission granted to specific users or groups. It
does not affect the "owner" and "other" permissions. The "mask" entry must be present if there are specific "user" or "group" entries.
"default" entries associated with a directory are inherited as access ACL by the files or sub-directories created in that directory. The
umask is not used. Sub-directories also inherit the default ACL as default ACL. As soon as there is one default ACL entry, the 3 default
ACL base entries (default user, default group, default other) must be present.
The entry processing conforms to the Posix 1003.1e draft standard 17.
The effective user ID of the process must match the owner of the file or the caller must have ADMIN privilege in the Cupv database.
path specifies the DPNS pathname. If path does not start with /, it is prefixed by the content of the DPNS_HOME environment variable.
uid can be given as the username or the corresponding numeric id.
gid can be given as the groupname or the corresponding numeric id.
perm can be expressed as a combination of characters rwx- or as a value between 0 and 7.
OPTIONS
-d remove ACL entries. The "perm" field is ignored.
-m modify existing ACL entries or add new entries.
-s set the ACL entries. The complete set of ACL entries is replaced.
EXAMPLES
Let's create a directory:
dpns-mkdir /dpm/dteam/test/file.log/d6
and add write permission for user bcouturi:
dpns-setacl -m u:bcouturi:rwx,m:rwx /dpm/dteam/test/file.log/d6
Let's create a directory:
dpns-mkdir /dpm/dteam/test/file.log/d7
and add default ACLs to it:
dpns-setacl -m d:u::7,d:g::7,d:o:5 /dpm/dteam/test/file.log/d7
Let's check the resulting ACLs:
dpns-getacl /dpm/dteam/test/file.log/d7
# file: /dpm/dteam/test/file.log/d7
# owner: baud
# group: c3
user::rwx
group::r-x #effective:r-x
other::r-x
default:user::rwx
default:group::rwx
default:other::r-x
Let's create a sub-directory and check the resulting ACLs:
dpns-mkdir /dpm/dteam/test/file.log/d7/d2
dpns-getacl /dpm/dteam/test/file.log/d7/d2
# file: /dpm/dteam/test/file.log/d7/d2
# owner: baud
# group: c3
user::rwx
group::rwx #effective:rwx
other::r-x
default:user::rwx
default:group::rwx
default:other::r-x
Let's create a file in the same directory and check the resulting ACLs:
dpns-touch /dpm/dteam/test/file.log/d7/f2
dpns-getacl /dpm/dteam/test/file.log/d7/f2
# file: /dpm/dteam/test/file.log/d7/f2
# owner: baud
# group: c3
user::rw-
group::rw- #effective:rw-
other::r--
EXIT STATUS
This program returns 0 if the operation was successful or >0 if the operation failed.
SEE ALSO
Castor_limits(4), dpns_chmod(3), dpns_chown(3), Cupvlist(1)
AUTHOR
LCG Grid Deployment Team
DPNS
$Date: 2003/08/26 06:21:13 $ DPNS-SETACL(1)