01-07-2010
thegeek - what you suggest is a security hole, IMO. It means anybody can excute the command. sudo was built explicitly for the task described - give one-off access to restricted commands & files to one user and run them as root.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
i have logged in as user.
I want to write a script to login into root and execute commands for eg. ifconfig or other command.
kindly help me out. (6 Replies)
Discussion started by: pradeepreddy
6 Replies
2. Shell Programming and Scripting
Hi All
I have written one shell script for GPRS route add is given below named GPRSRouteSet.sh
URL="www.google.com"
VBURL="10.5.2.211"
echo "Setting route for $URL for GPRS"
URL_Address=`nslookup $URL|grep Address:|grep -v "#"|awk -F " " '{print $2}'|head -1`
echo "Executing ... (3 Replies)
Discussion started by: mnmonu
3 Replies
3. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
4. Shell Programming and Scripting
Hi,
We need to execute a root commmand to change the expiry period of a user but we are getting error as permission denied
Q How can we execute a root command by a normal user ? :mad:
any thing or suggestion will be good .... :b: (3 Replies)
Discussion started by: abhishek1979
3 Replies
5. Cybersecurity
How to limit patchadd command to root user only?
I'm running a solaris 10 5/09 server, I have 2 users other than root. One being able to use the patchadd command and one is unable to do so. What I'm trying to do is to limit the patchadd command so that only root is able to run it. (7 Replies)
Discussion started by: ShouTenraku
7 Replies
6. AIX
Hi
I'm logged in to an AIX box now and we need to do an audit on this box.
cbssapr01:# pwd
/
Which command will show all the files and directories owned by root user with permissions as 777 ? (8 Replies)
Discussion started by: newtoaixos
8 Replies
7. UNIX for Dummies Questions & Answers
I've been through many threads before i decide to create a separate thread.
I can't really find the solution to my (simple) problem.
Here's what I'm trying to achieve:
As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user.
The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies
8. UNIX for Dummies Questions & Answers
Hi ,
I am trying to stop and start a process using the below code. I have sudo access on my machine
## PID = process id
echo "$PASSWD" | sudo -S kill -9 <PID>
echo "$PASSWD" | sudo -S /opt/abc/startserver
/opt/abc/startserver: error while loading shared libraries: librts.so: cannot open... (6 Replies)
Discussion started by: rakeshkumar
6 Replies
9. Shell Programming and Scripting
i m logged in with user1 id.
i wish to execute the below as root user for which i tried several commands but all of them fail.
sudo 'cat /tmp/tmp.file >>/etc/logger'
Password:
sudo: cat /tmp/tmp.file >>/etc/logger: command not found
sudo cat /tmp/tmp.file >>/etc/logger
bash:... (5 Replies)
Discussion started by: mohtashims
5 Replies
10. UNIX for Beginners Questions & Answers
Hi,
I am trying to run a command within my KSH script as another user due to permission issues, now both users are non root. I have tried the following command and was unsuccessful:
echo "<password>" | sudo -S -u <username> -k command
Can I use sudo to run a command as a non-root user? (5 Replies)
Discussion started by: MIA651
5 Replies
LEARN ABOUT DEBIAN
pmvarrun
pmvarrun(8) pam_mount pmvarrun(8)
Name
pmvarrun - updates /var/run/pam_mount/user
Syntax
pmvarrun -u user [options]
Description
A separate program is needed so that /var/run/pam_mount/user may be created with a pam_mount-specific security context (otherwise SELinux
policy will conflict with gdm, which also creates file in /var/run).
pmvarrun is flexible and can run in a number of different security setups:
root-root
When pmvarrun is invoked as root, /var/run/pam_mount's permission settings can be as strict as needed; usually (0755,root,root) is a good
pick as it gives users the debug control over their refcount. Refcount files are given their respective owners (chowned to the user who
logs in).
user-user
When invoked as the user who logs in, /var/run/pam_mount needs appropriate permissions to create a file, which means the write bit must be
set. It is also highly suggested to set the sticky bit in this case, so other users do not tamper with your refcount.
root-user
Some programs or login helpers incorrectly call the PAM stack in a way that the login phase is done as root and the logout phase as a nor-
mal user. Nevertheless, pmvarrun supports this, and the same permissions as in root-root can be used. While the user may not be able to
unlink his file from /var/run/pam_mount, it will be truncated to indicate the same state.
Options
--help, -h
Display help.
--user user, -u user
User to handle, must be a valid username.
--operation number, -o number
Increase volume count by number.
-d Turn on debugging.
Files
/var/run/pam_mount/user
Author
This manpage was originally written by Bastian Kleineidam <calvin@debian.org> for the Debian distribution of libpam-mount but may be used
by others.
See /usr/share/doc/packages/libpam-mount/copyright for the list of original authors of pam_mount.
pam_mount 2008-10-08 pmvarrun(8)