04-18-2010
I would not use change the UID of your new_user_name to zero. You are after all trying to enhance the security - not reduce it. The easiest way to do this is to implement a tool called sudo, and allow the commands you need to have run as root enabled for this backup user as root. Thenin your script where the command is insert the sudo command before the command you wish to run as root and voila.
with laer vesions of AIX you can also use RBAC (Role Based Access Control) to achieve this.
9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi,
My requirement is that i am login from ROOT in a script but when any
command is coming which is logging to sqlplus then i have to run it with normal user as only normal user have permission to connect to sqlplus .
i tried making a script like this :
#! /bin/ksh
su -... (3 Replies)
Discussion started by: rawatds
3 Replies
2. Shell Programming and Scripting
Hi all,
I would need a script to run only at the first login of a newly created user. And at the first time only. I did some googlework but unfortunatly... I made up it possibly had something to do with the bashrc file.
This script is some kind of info for the user ; with the possiblity to... (1 Reply)
Discussion started by: laurens
1 Replies
3. Solaris
Hello World ~
HW : SUN Fire V240
OS : Solaris 8
Error message prompts 'rmclomv ... SC login failure ...' on terminal.
and
Error Message prompts continually 'SC Login Failure for user Please login:' on Single Mode(init S)
The System is in normal operation, though
In case of rain, Can... (1 Reply)
Discussion started by: lifegeek
1 Replies
4. Shell Programming and Scripting
Hey guys,
I have some task from my office to lock user on the specified directory after the user logged on using ssh. And then run prompt program to fill the required information. Yeah, just like an ATM system.
My question:
How could I do those?? AFAIK I have to edit the ~./bashrc. But the... (1 Reply)
Discussion started by: franzramadhan
1 Replies
5. Shell Programming and Scripting
Hi Every body,
I would need a shell script program to login as different user and perform some copy commands in the script.
example: Supppose ora_toms is the active user
ora_toms should be able to run a script where user: ftptomsp pass: XXX should login through and run the commands
... (9 Replies)
Discussion started by: ujjwal27
9 Replies
6. AIX
I want to learn AIX. I would like to find someone who would be willing to give me a login to their AIX home lab server. My intent is to poke around and discover the similarities and differences of AIX compared to other *NIXs.
I am a UNIX admin so I can think of what some immediate concerns may... (1 Reply)
Discussion started by: perl_in_my_shel
1 Replies
7. Shell Programming and Scripting
now i have logged in username : ramesh in unix
Now i have to created script file to login into another user and have run a command inside that user and after executing the command i have to exit from that user.
Inside script, i have to login into su - ram along with password : haihow and have to... (4 Replies)
Discussion started by: rammm
4 Replies
8. Solaris
Hi All,
I have problem running a command with another user who has no login shell
the os is solaris 10
i am root and doing the following:
su user -s /bin/bash "ls"
no output .. no error messages
if su - user i got No directory
Please use CODE tags as required by forum... (2 Replies)
Discussion started by: BF_DEV
2 Replies
9. UNIX for Advanced & Expert Users
Hi Experts,
Need your support
Redhat 6.5
I want to create a user with all(read, write, execute) privileges except that user should not be able to create any new user from his login
to perform any task. (10 Replies)
Discussion started by: as7951
10 Replies
SETUID(1) General Commands Manual SETUID(1)
NAME
setuid - run a command with a different uid.
SYNOPSIS
setuid username|uid command [ args ]
DESCRIPTION
Setuid changes user id, then executes the specified command. Unlike some versions of su(1), this program doesn't ever ask for a password
when executed with effective uid=root. This program doesn't change the environment; it only changes the uid and then uses execvp() to find
the command in the path, and execute it. (If the command is a script, execvp() passes the command name to /bin/sh for processing.)
For example,
setuid some_user $SHELL
can be used to start a shell running as another user.
Setuid is useful inside scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
execute some commands using the uid of the original user, instead of root. This allows unsafe commands (such as editors and pagers) to be
used in a non-root mode inside a super script. For example, an operator with permission to modify a certain protected_file could use a
super command that simply does:
cp protected_file temp_file
setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
cp temp_file protected_file
(Note: don't use this example directly. If the temp_file can somehow be replaced by another user, as might be the case if it's kept in a
temporary directory, there will be a race condition in the time between editing the temporary file and copying it back to the protected
file.)
AUTHOR
Will Deich
local SETUID(1)