05-21-2009
FWIW:
If you try commands as the root user you will get into trouble. You are far better off piddling around as a non-priv user. Unless you enjoy completely rebuilding your system....
10 More Discussions You Might Find Interesting
1. SuSE
Sir,
I using the following commands in a file (part of a bigger script):
#!/bin/bash
cd /opt/oracle/bin
ls -lt | tail -1 | awk '{print $6}' >> /tmp/ramb.out
If I run this from the command prompt the result is:
2007-05-16
if I run it as a cron job then... (5 Replies)
Discussion started by: rajranibl
5 Replies
2. Shell Programming and Scripting
Hi ,
I have a piece of code ...wherein I need to assign the following ...
1) A command line argument to a variable
e.g origCount=ARGV
2) A unix command to a variable
e.g result=`wc -l testFile.txt`
in my awk shell script
When I do this :
print "origCount" origCount --> I get the... (0 Replies)
Discussion started by: sweta_doshi
0 Replies
3. AIX
AIX:Command to get netaddress/subnet address command in IPv4/IP6
Can anybody help us with a command to retrieve netaddress/subnet address command in IPv4/IP6 on aix machine.
net/subnet address is in the format 172.16.212.0(signifies all 255 machines in an IPv4 network) (2 Replies)
Discussion started by: rookie8278
2 Replies
4. Shell Programming and Scripting
Hi everyone,
when executing this command in unix:
echo "WM7 Fatal Alerts:", $(cat query1.txt) > a.csvIt works fine, but running this command in a shell script gives an error saying that there's a syntax error.
here is content of my script:
tdbsrvr$ vi hc.sh
"hc.sh" 22 lines, 509... (4 Replies)
Discussion started by: 4dirk1
4 Replies
5. UNIX for Advanced & Expert Users
Hi,
Well my title isn't very clear I think. So to understand my goal:
I have a script "test1"
#!/bin/bash
xvkbd -text blabla
with xbindkeys, I bind F5 key in order it runs my test1 script
So when I press F5, test1 runs.
I'm under Emacs/Vi and I press F5 in order to have "blabla" be... (0 Replies)
Discussion started by: xib.be
0 Replies
6. UNIX for Dummies Questions & Answers
HI Guys,
I hope you are well. I am trying to write a script that gets executed every time i open a shell (cshell). I have two questions about that
1) I need to enter these commands
$ echo $DISPLAY
$ setenv $DISPLAY output_of_echo_$display_command
How can i write a... (2 Replies)
Discussion started by: kaaliakahn
2 Replies
7. Shell Programming and Scripting
I am working with a sh script on a solaris 9 zone (sol 10 host) that grabs information to build the configuration command line. the variables Build64, SSLopt, CONFIGopt, and CC are populated in the script. the script includes
CC=`which gcc`
CONFIGopt=' --prefix=/ --exec-prefix=/usr... (8 Replies)
Discussion started by: oly_r
8 Replies
8. Shell Programming and Scripting
below is the output xml string from some other command and i will be parsing it using awk
cat /tmp/alerts.xml
<Alert id="10102" name="APP-DS-ds_ha-140018-componentFailure-S" alertDefinitionId="13982" resourceId="11427" ctime="1359453507621" fixed="false" reason="If Event/Log Level(ANY) and... (2 Replies)
Discussion started by: vivek d r
2 Replies
9. AIX
exec(): 0509-036 Cannot load program /usr/opt/freeware/bin/rpm because of the following errors:
0509-022 Cannot load module /opt/freeware/lib/libintl.a(libintl.so.1).
0509-150 Dependent module /opt/freeware/lib/libiconv.a(shr4.o) could not be loaded.
0509-152 Member... (4 Replies)
Discussion started by: Ohmkar
4 Replies
10. UNIX for Beginners Questions & Answers
Hello Forum,
I'm making very good progress on my report thanks to the very helpful people on this forum. I've been able to successfully create my report for my Red Hat servers. But I do have a few ubuntu servers in the mix and I'd like to capture some data from them when an ssh connection is... (8 Replies)
Discussion started by: greavette
8 Replies
PRIV(9) BSD Kernel Developer's Manual PRIV(9)
NAME
priv -- kernel privilege checking API
SYNOPSIS
#include <sys/priv.h>
int
priv_check(struct thread *td, int priv);
int
priv_check_cred(struct ucred *cred, int priv, int flags);
DESCRIPTION
The priv interfaces check to see if specific system privileges are granted to the passed thread, td, or credential, cred. This interface
replaces the now removed suser(9) privilege checking interface. Privileges typically represent rights in one of two categories: the right to
manage a particular component of the system, or an exemption to a specific policy or access control list. The caller identifies the desired
privilege via the priv argument. The optional flags argument, flags, is currently unused.
Privilege Policies
Privileges are typically granted based on one of two base system policies: the superuser policy, which grants privilege based on the effec-
tive (or sometimes real) UID having a value of 0, and the jail(2) policy, which permits only certain privileges to be granted to processes in
a jail. The set of available privileges may also be influenced by the TrustedBSD MAC Framework, described in mac(9).
IMPLEMENTATION NOTES
When adding a new privilege check to a code path, first check the complete list of current privileges in sys/priv.h to see if one already
exists for the class of privilege required. Only if there is not an exact match should a new privilege be added to the privilege list. As
privilege numbers becomes encoded in the kernel module ABI, privilege constants must not be changed as any kernel modules depending on privi-
leges will then need to be recompiled. When adding a new privilege, be certain to also determine whether it should be listed in
prison_priv_check(), which includes a complete list of privileges granted to the root user in jail(2).
Certain catch-all privileges exist, such as PRIV_DRIVER, intended to be used by device drivers, rather than adding a new driver-specific
privilege.
RETURN VALUES
Typically, 0 will be returned for success, and EPERM will be returned on failure. Most consumers of priv will wish to directly return the
error code from a failed privilege check to user space; a small number will wish to translate it to another error code appropriate to a spe-
cific context.
When designing new APIs, it is preferable to return explicit errors from a call if privilege is not granted rather than changing the seman-
tics of the call but returning success. For example, the behavior exhibited by stat(2), in which the generation field is optionally zero'd
out when there is insufficient privilege is highly undesirable, as it results in frequent privilege checks, and the caller is unable to tell
if an access control failure occurred.
SEE ALSO
jail(2), mac(9), ucred(9)
AUTHORS
The priv API and implementation were created by Robert Watson under contract to nCircle Network Security, Inc.
BSD
August 30, 2006 BSD