03-27-2012
If you want to get creative, you could just write wrapper scripts for the commands that you don't want root to run or have limited access too. I've actually done this at a previous workplace that insisted on allowing others (besides me) to have root access on some shared systems. I wrote a wrapper for the rm command and put all types of checks and balances as well as logging into it (there was an issue of data being deleted as the root user and no one fessing up).
This way you can avoid messing with the root account itself as bitlord said.
Just a thought.
Good luck.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have to write a script (not C based) that allows to capture of all commands issued by the user “root”.
First, I tried to monitor the .bash_history but the commands are written in chunk after the .bash_history is closed.
How can I capture the commands in Real-Time without waiting root to... (4 Replies)
Discussion started by: elieifrah@gmail
4 Replies
2. HP-UX
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies
3. Shell Programming and Scripting
Hi all,
Is there a way to prevent users from being able to execute commands less a select few? For instance, I wish to allow the user to be only able to execute 1 command, which is exec a.sh. He should not be able to do simple stuff such as ls, cd, rm, cat, etc.
Can this be achieved?
... (1 Reply)
Discussion started by: rockysfr
1 Replies
4. Shell Programming and Scripting
Dear All
I am running into a situation where I am running a script as another user lets say oracle using su command as below, and the script fails because the .profile of oracle is not executed so the environment variables are not set.
cat /etc/passwd | grep oracle... (4 Replies)
Discussion started by: dbsupp
4 Replies
5. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
6. UNIX for Advanced & Expert Users
Hi,
I would like to know if there is anyway that I can pinpoint the user before/after he connects to the root? Also, I'm trying to find out what are the commands he inputs under root access. (6 Replies)
Discussion started by: pointgetter0
6 Replies
7. Shell Programming and Scripting
Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user.
Please help, Thanks in advance.
-Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies
8. AIX
Hello,
I am testing sudo and I want to test it. Can anyone please let me know few commands (of course other than shutdown, reboot etc. as I can't reboot the box) on AIX that can be run by ROOT only.
Thanks
---------- Post updated at 07:43 PM ---------- Previous update was at 07:38 PM... (5 Replies)
Discussion started by: prvnrk
5 Replies
9. Shell Programming and Scripting
Platform :Oracle Linux 6.4
We are trying to automate the SAN level cloning from production RAC DB cluster to test.
From a shell script, I would like to run the below command Step1,2 and 3 from Node1 in a sequential order as root user . How can I do this ? passwordless for root user is not... (2 Replies)
Discussion started by: kraljic
2 Replies
10. UNIX for Beginners Questions & Answers
Hi,
I am trying to run a command within my KSH script as another user due to permission issues, now both users are non root. I have tried the following command and was unsuccessful:
echo "<password>" | sudo -S -u <username> -k command
Can I use sudo to run a command as a non-root user? (5 Replies)
Discussion started by: MIA651
5 Replies
SETUID(1) General Commands Manual SETUID(1)
NAME
setuid - run a command with a different uid.
SYNOPSIS
setuid username|uid command [ args ]
DESCRIPTION
Setuid changes user id, then executes the specified command. Unlike some versions of su(1), this program doesn't ever ask for a password
when executed with effective uid=root. This program doesn't change the environment; it only changes the uid and then uses execvp() to find
the command in the path, and execute it. (If the command is a script, execvp() passes the command name to /bin/sh for processing.)
For example,
setuid some_user $SHELL
can be used to start a shell running as another user.
Setuid is useful inside scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
execute some commands using the uid of the original user, instead of root. This allows unsafe commands (such as editors and pagers) to be
used in a non-root mode inside a super script. For example, an operator with permission to modify a certain protected_file could use a
super command that simply does:
cp protected_file temp_file
setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
cp temp_file protected_file
(Note: don't use this example directly. If the temp_file can somehow be replaced by another user, as might be the case if it's kept in a
temporary directory, there will be a race condition in the time between editing the temporary file and copying it back to the protected
file.)
AUTHOR
Will Deich
local SETUID(1)