03-19-2013
Isn't that a bit like asking who can drive my car?
It depends on who you have given the keys too, or if you are out and left the keys at home, or work, who knows which drawer you keep them in, and who has access to your home or office...
Who can, or has, changed the permissions on any file or directory...
Who has access to the system and what permissions they might have to enable then to gain access...
The list is endless depending on your configuration...
If you are asking from a default AIX install perspective then it will probably also depend on the exact level, what is installed, who or what has access via various different methods - Tivoli Access Manager, HMC commands via RMC, Etc.
I don't think you'll ever find a definitive list.
HTH
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
I have to write a script (not C based) that allows to capture of all commands issued by the user “root”.
First, I tried to monitor the .bash_history but the commands are written in chunk after the .bash_history is closed.
How can I capture the commands in Real-Time without waiting root to... (4 Replies)
Discussion started by: elieifrah@gmail
4 Replies
2. HP-UX
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies
3. Shell Programming and Scripting
Dear all
Ihave written a script in Hpux9.0, the ecript is working fine if I run it from root command prompt
But when I am running it thru /etc/profile or /user/.profile and login as a normal user, the owner of the process running the script is the normal user & hence cant run a root privileaged... (7 Replies)
Discussion started by: initin
7 Replies
4. AIX
Good morning everybody. I have just receiedv a complaint from our DBA saying that if he create a scripts to run some Oracle performance scripts using crontab and the scheduling part is ok but the job is failed when I checked on /var/adm/cron/log.
I have tried his scripts using Oracle id directly... (4 Replies)
Discussion started by: kwliew999
4 Replies
5. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
6. Shell Programming and Scripting
So I have a script that runs as a non-root user, lets say the username is 'xymon' .
This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root.
in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies
7. SuSE
I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command
Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies
8. Shell Programming and Scripting
is it possible that we can restrict the root user if he runs some commands?? e.g i want if root runs command 'rm etc/passwd', he shoudn't be able to run command and throws error :confused: (3 Replies)
Discussion started by: sheelsadan
3 Replies
9. AIX
I'm looking for a way to track commands that are run as root after a user runs sudo su - root. I have a profile set up for root that will track the commands by userid but if we change the shell it only stores it in that shells history file. (2 Replies)
Discussion started by: toor13
2 Replies
10. Shell Programming and Scripting
Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user.
Please help, Thanks in advance.
-Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies
NWGRANT(8) nwgrant NWGRANT(8)
NAME
nwgrant - Add Trustee Rights to a directory
SYNOPSIS
nwgrant [ -h ] [ -S server ] [ -U user name ] [ -P password | -n ] [ -C ] [ -o object name | -O object id ] [ -t type ] [ -r rights ]
file/directory
DESCRIPTION
nwgrant adds the specified bindery object with the corresponding trustee rights to the directory.
nwgrant looks up the file $HOME/.nwclient to find a file server, a user name and possibly a password. See nwclient(5) for more information.
Please note that the access permissions of $HOME/.nwclient MUST be 600 for security reasons.
OPTIONS
-h
-h is used to print out a short help text.
-S server
server is the name of the server you want to use.
-U user
user is the user name to use for login.
-P password
password is the password to use for login. If neither -n nor -P are given, and the user has no open connection to the server, nwgrant
prompts for a password.
-n
-n should be given if no password is required for the login.
-C
By default, passwords are converted to uppercase before they are sent to the server, because most servers require this. You can turn off
this conversion by -C.
-o object name
The name of the object to be added as trustee.
-O object id
The id of the object to be added as trustee.
-t object type
The type of the object. Object type must be specified as a decimal value. Common values are 1 for user objects, 2 for group objects and
3 for print queues. Other values are allowed, but are usually used for specialized applications. If you do not specify object type,
object name is taken as NDS name.
-r rights
You must tell nwgrant which rights it should grant to the bindery object. The new rights for the object is specified by rights, which
can be either a hexadecimal number representing the sum of all the individual rights to be granted or a string containing characters
representing each right. Characters within the brackets may be in any order and in either case. Spaces are allowed between the brack-
ets - in which case the entire string should be quoted. Hexadecimal and character values for the rights are shown in this table:
00 = no access
01 = read access = R
02 = write access = W
08 = create access = C
10 = delete access = E
20 = ownership access = A
40 = search access = F
80 = modify access = M
100 = supervisory access = S
for a possible total of "1fb" or "[SRWCEMFA]" for all rights.
file/directory
You must specify the directory to which to add the object as trustee. This has to be done in fully qualified NetWare notation.
Example:
nwgrant -S NWSERVER -o linus -t 1 -r fb 'data:homelinus'
With this example, user linus is given all rights except supervisory to his home directory on the data volume. This example assumes the
existence of the file $HOME/.nwclient.
nwgrant -o linus -t 1 -r fb /home/linus/ncpfs/data/home/linus
With this example, user linus is given all rights except supervisory to his home directory on the data volume. This example assumes that
NWSERVER is already mounted on /home/linus/ncpfs mountpoint.
AUTHORS
nwgrant was written by Volker Lendecke with the corresponding NetWare utility in mind. See the Changes file of ncpfs for other contribu-
tors.
nwgrant 5/19/2000 NWGRANT(8)