Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: rbac and execution attributes (uid and euid)
Operating Systems Solaris rbac and execution attributes (uid and euid) Post 302473574 by bartus11 on Sunday 21st of November 2010 12:34:18 PM
Old 11-21-2010
What do you mean by "All: * does not matter"? Also I don't understand your second question... If you are asking if executables listed in your post will all have same uid and euid when being run, then no, they won't. In case of executables with euid entry, the uid will be the same as uid of the user that run them, while the euid will be set to "0". Entries with uid entry will have both uid and euid set to the value specified ("0" in this case), regardless of who is running the program.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

To:blowtorch - Setuid uid/euid issue

Hi, Its a shell script. rws by root, r_s by group named "other" and r_x by all others. How can i set the uid from inside a setuid program. please let me know. Also I dont have a c compiler on the system. Thanks Reply With Quote (0 Replies)
Discussion started by: 0ktalmagik
0 Replies

2. UNIX for Advanced & Expert Users

Setuid Program with (-rwsr-sr-x 1 root other ) UID/EUID issue

Hi, I have a program with the following suid setup -rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above. But when the... (7 Replies)
Discussion started by: 0ktalmagik
7 Replies

3. Solaris

Rbac

I am trying to let user asillitoe su to the godbrook role to execute commands. I have editted files as follows: user_attr: asillito::::type=normal;roles=godbrook godbrook::::type=role;profiles=Gadbrook,All prof_attr: Gadbrook:::Allow root commands to be used by godbrook: exec_attr:... (0 Replies)
Discussion started by: chrisdberry
0 Replies

4. Solaris

EUID set for all non-root users

We have a Solaris box. I noticed that whenever any non-root user logins into the box and issues the command id the output is (for example) uid=42568(sam) gid=1245(sam) euid=0(root) egid=2(bin). I have not given any privileges to anyone explicitly. When I issued ls -l in the /usr/bin directory I... (1 Reply)
Discussion started by: chrisanto_2000
1 Replies

5. Red Hat

euid and egid frpm proc

hi, can anyone tell me where can i find euid and egid from /proc file system in RHEL 4? i read stat file, but i got only uid and gid, and cudnot find any entry regarding euid and egid.please suggest... thanks, sanjay (2 Replies)
Discussion started by: sanjaykhuntia
2 Replies

6. Solaris

RBAC Help

do i have to create a new account to add a role? i want the sysadmin login i have 3 users on my systems sysadmin secman oc01 also 3 profiles SA (goes t0 sysadmin account) SSO (goes to secman account) LMICS (goes to oc01 account) the user accounts are located in /h/USERS/local the... (4 Replies)
Discussion started by: deaconf19
4 Replies

7. AIX

RBAC in 5.3 Question

I would like to use the Role Based access control to granulize some of the administration of AIX systems in our organization. Across the company we will be using aix 5.3. One of these roles will only have the access to make, change and delete users, something similar to ManageAllUsers. The thing... (1 Reply)
Discussion started by: dgaixsysadm
1 Replies

8. Solaris

rbac problem.

Hi all! On backup server with contab my script worked, but one command don't fine to be executed: bash-3.00$ scp itadmin@172.17.0.44:/export/backups/* /bckp1/opencms/bcp_`date +%Y%m%d`/ www-zone.cfg 100%... (0 Replies)
Discussion started by: sotich82
0 Replies

9. UNIX for Advanced & Expert Users

Help with can't get execution attributes

Hi Gurus, I am trying to create a FS using SVM but system is throwing the following error. newfs /dev/md/rdsk/d1002 newfs: construct a new file system /dev/md/rdsk/d1002: (y/n)? y /usr/sbin/clri: can't get execution attributes (1 Reply)
Discussion started by: rama krishna
1 Replies

10. UNIX for Dummies Questions & Answers

Changing the user id or euid of the shell itself

Hi all, Ok, bear with me on this one, I am a bit new to Unix and it might take me a little bit of time to articulate my question. I know that every process has a user id and an effective user id. This seems to include the shell itself, because when I type 'ps', I see 'bash' listed as a... (2 Replies)
Discussion started by: oddthingy
2 Replies

LEARN ABOUT HPUX

setgid

setuid(2)							System Calls Manual							 setuid(2)

NAME

       setuid(), setgid() - set user and group IDs

SYNOPSIS

DESCRIPTION

       sets  the  real-user-ID	(ruid), effective-user-ID (euid), and/or saved-user-ID (suid) of the calling process.  If the Security Containment
       product is installed, these interfaces treat a process observing as a privileged process.  Otherwise, only processes with an euid  of  zero
       are treated as privileged processes.  See privileges(5) for more information on Security Containment and fine-grained privileges.

       The following conditions govern setuid's behavior:

	      o  If the process is privileged, sets the ruid, euid, and suid to uid.

	      o  If  the  process is not privileged and the argument uid is equal to the ruid or the suid, sets the euid to uid; the ruid and suid
		 remain unchanged.  (If a set-user-ID program is not running as superuser, it can change its euid to  match  its  ruid	and  reset
		 itself to the previous euid value.)

	      o  If the process is not privileged, the argument uid is equal to the euid, and the calling process has the privilege, sets the ruid
		 to uid; the euid and suid remain unchanged.

       sets the real-group-ID (rgid), effective-group-ID (egid), and/or saved-group-ID (sgid) of the calling process.	The  following	conditions
       govern behavior:

	      o  If the process is privileged, sets the rgid and egid to gid.

	      o  If  the  process is not privileged and the argument gid is equal to the rgid or the sgid, sets the egid to gid; the rgid and sgid
		 remain unchanged.

	      o  If the process is not privileged, the argument gid is equal to the egid, and the calling process has the privilege, sets the rgid
		 to gid; the egid and sgid remain unchanged.

   Security Restrictions
       Some  or  all of the actions associated with this system call require the privilege.  Processes owned by the superuser have this privilege.
       Processes owned by other users may have this privilege, depending on system configuration.

       See privileges(5) for more information about privileged access on systems that support fine-grained privileges.

RETURN VALUE

       Upon successful completion, and return 0; otherwise, they return -1 and set to indicate the error.

ERRORS

       and fail and return -1 if any of the following conditions are encountered:

	      None of the conditions above are met.

	      uid	     (gid) is not a valid user (group) ID.

WARNINGS

       It is recommended that the capability be avoided, as it is provided for backward compatibility.	This feature may be  modified  or  dropped
       from future HP-UX releases.  When changing the real user ID and real group ID, use of and (see setresuid(2)) is recommended instead.

AUTHOR

       was developed by AT&T, the University of California, Berkeley, and HP.

       was developed by AT&T.

SEE ALSO

       exec(2), getuid(2), setresuid(2), privileges(5).

STANDARDS CONFORMANCE

																	 setuid(2)
All times are GMT -4. The time now is 08:21 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy