Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: List of AIX commands that can be run by ROOT user ONLY
Operating Systems AIX List of AIX commands that can be run by ROOT user ONLY Post 302783043 by alister on Tuesday 19th of March 2013 09:39:46 PM
Old 03-19-2013
I am not familiar with AIX, but perhaps you could search for all executables that are owned by root and for which only root has executable permission:
Code:
find /sbin /usr/sbin -user root -perm -100 ! -perm -010 ! -perm -001

I used two directories (/sbin, /usr/sbin) which (at least on systems that I've used) typically include system daemons and utilities.

Regards,
Alister
Last edited by alister; 03-19-2013 at 11:01 PM.. Reason: forgot the dash before 001
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Capture of all commands issued by the user “root”

I have to write a script (not C based) that allows to capture of all commands issued by the user “root”. First, I tried to monitor the .bash_history but the commands are written in chunk after the .bash_history is closed. How can I capture the commands in Real-Time without waiting root to... (4 Replies)
Discussion started by: elieifrah@gmail
4 Replies

2. HP-UX

user commands without root access

Hi I have been asked to find out how to 1) create users 2) reset passwords 3) kill processes that may require root privileges without having root password, sudo rights or rights to passwd command Any ideas? Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies

3. Shell Programming and Scripting

How a normal user run a script including root privileaged commands

Dear all Ihave written a script in Hpux9.0, the ecript is working fine if I run it from root command prompt But when I am running it thru /etc/profile or /user/.profile and login as a normal user, the owner of the process running the script is the normal user & hence cant run a root privileaged... (7 Replies)
Discussion started by: initin
7 Replies

4. AIX

Crontab cannot run by non-root user

Good morning everybody. I have just receiedv a complaint from our DBA saying that if he create a scripts to run some Oracle performance scripts using crontab and the scheduling part is ok but the job is failed when I checked on /var/adm/cron/log. I have tried his scripts using Oracle id directly... (4 Replies)
Discussion started by: kwliew999
4 Replies

5. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

6. Shell Programming and Scripting

Need to run a bash script that logs on as a non-root user and runs script as root

So I have a script that runs as a non-root user, lets say the username is 'xymon' . This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root. in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies

7. SuSE

Allow multiple users to run several root commands

I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
Discussion started by: hedkandi
9 Replies

8. Shell Programming and Scripting

How to restrict root user from running some commands

is it possible that we can restrict the root user if he runs some commands?? e.g i want if root runs command 'rm etc/passwd', he shoudn't be able to run command and throws error :confused: (3 Replies)
Discussion started by: sheelsadan
3 Replies

9. AIX

track commands run as root after sudo

I'm looking for a way to track commands that are run as root after a user runs sudo su - root. I have a profile set up for root that will track the commands by userid but if we change the shell it only stores it in that shells history file. (2 Replies)
Discussion started by: toor13
2 Replies

10. Shell Programming and Scripting

Script to run commands as root user

Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user. Please help, Thanks in advance. -Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies

LEARN ABOUT FREEBSD

chmod

CHMOD(1)						    BSD General Commands Manual 						  CHMOD(1)

NAME

     chmod -- change file modes

SYNOPSIS

     chmod [-fhv] [-R [-H | -L | -P]] mode file ...

DESCRIPTION

     The chmod utility modifies the file mode bits of the listed files as specified by the mode operand.

     The options are as follows:

     -f      Do not display a diagnostic message if chmod could not modify the mode for file, nor modify the exit status to reflect such failures.

     -H      If the -R option is specified, symbolic links on the command line are followed.  (Symbolic links encountered in the tree traversal
	     are not followed by default.)

     -h      If the file is a symbolic link, change the mode of the link itself rather than the file that the link points to.

     -L      If the -R option is specified, all symbolic links are followed.

     -P      If the -R option is specified, no symbolic links are followed.  This is the default.

     -R      Change the modes of the file hierarchies rooted in the files instead of just the files themselves.

     -v      Cause chmod to be verbose, showing filenames as the mode is modified.  If the -v flag is specified more than once, the old and new
	     modes of the file will also be printed, in both octal and symbolic notation.

     The -H, -L and -P options are ignored unless the -R option is specified.  In addition, these options override each other and the command's
     actions are determined by the last one specified.

     Only the owner of a file or the super-user is permitted to change the mode of a file.

EXIT STATUS

     The chmod utility exits 0 on success, and >0 if an error occurs.

MODES

     Modes may be absolute or symbolic.  An absolute mode is an octal number constructed from the sum of one or more of the following values:

	   4000    (the setuid bit).  Executable files with this bit set will run with effective uid set to the uid of the file owner.	Directo-
		   ries with this bit set will force all files and sub-directories created in them to be owned by the directory owner and not by
		   the uid of the creating process, if the underlying file system supports this feature: see chmod(2) and the suiddir option to
		   mount(8).
	   2000    (the setgid bit).  Executable files with this bit set will run with effective gid set to the gid of the file owner.
	   1000    (the sticky bit).  See chmod(2) and sticky(7).
	   0400    Allow read by owner.
	   0200    Allow write by owner.
	   0100    For files, allow execution by owner.  For directories, allow the owner to search in the directory.
	   0040    Allow read by group members.
	   0020    Allow write by group members.
	   0010    For files, allow execution by group members.  For directories, allow group members to search in the directory.
	   0004    Allow read by others.
	   0002    Allow write by others.
	   0001    For files, allow execution by others.  For directories allow others to search in the directory.

     For example, the absolute mode that permits read, write and execute by the owner, read and execute by group members, read and execute by oth-
     ers, and no set-uid or set-gid behaviour is 755 (400+200+100+040+010+004+001).

     The symbolic mode is described by the following grammar:

	   mode 	::= clause [, clause ...]
	   clause	::= [who ...] [action ...] action
	   action	::= op [perm ...]
	   who		::= a | u | g | o
	   op		::= + | - | =
	   perm 	::= r | s | t | w | x | X | u | g | o

     The who symbols ``u'', ``g'', and ``o'' specify the user, group, and other parts of the mode bits, respectively.  The who symbol ``a'' is
     equivalent to ``ugo''.

     The perm symbols represent the portions of the mode bits as follows:

	   r	   The read bits.
	   s	   The set-user-ID-on-execution and set-group-ID-on-execution bits.
	   t	   The sticky bit.
	   w	   The write bits.
	   x	   The execute/search bits.
	   X	   The execute/search bits if the file is a directory or any of the execute/search bits are set in the original (unmodified) mode.
		   Operations with the perm symbol ``X'' are only meaningful in conjunction with the op symbol ``+'', and are ignored in all other
		   cases.
	   u	   The user permission bits in the original mode of the file.
	   g	   The group permission bits in the original mode of the file.
	   o	   The other permission bits in the original mode of the file.

     The op symbols represent the operation performed, as follows:

     +	   If no value is supplied for perm, the ``+'' operation has no effect.  If no value is supplied for who, each permission bit specified in
	   perm, for which the corresponding bit in the file mode creation mask (see umask(2)) is clear, is set.  Otherwise, the mode bits repre-
	   sented by the specified who and perm values are set.

     -	   If no value is supplied for perm, the ``-'' operation has no effect.  If no value is supplied for who, each permission bit specified in
	   perm, for which the corresponding bit in the file mode creation mask is clear, is cleared.  Otherwise, the mode bits represented by the
	   specified who and perm values are cleared.

     =	   The mode bits specified by the who value are cleared, or, if no who value is specified, the owner, group and other mode bits are
	   cleared.  Then, if no value is supplied for who, each permission bit specified in perm, for which the corresponding bit in the file
	   mode creation mask is clear, is set.  Otherwise, the mode bits represented by the specified who and perm values are set.

     Each clause specifies one or more operations to be performed on the mode bits, and each operation is applied to the mode bits in the order
     specified.

     Operations upon the other permissions only (specified by the symbol ``o'' by itself), in combination with the perm symbols ``s'' or ``t'',
     are ignored.

     The ``w'' permission on directories will permit file creation, relocation, and copy into that directory.  Files created within the directory
     itself will inherit its group ID.

EXAMPLES

     644	   make a file readable by anyone and writable by the owner only.

     go-w	   deny write permission to group and others.

     =rw,+X	   set the read and write permissions to the usual defaults, but retain any execute permissions that are currently set.

     +X 	   make a directory or file searchable/executable by everyone if it is already searchable/executable by anyone.

     755
     u=rwx,go=rx
     u=rwx,go=u-w  make a file readable/executable by everyone and writable by the owner only.

     go=	   clear all mode bits for group and others.

     g=u-w	   set the group bits equal to the user bits, but clear the group write bit.

COMPATIBILITY

     The -v option is non-standard and its use in scripts is not recommended.

SEE ALSO

     chflags(1), install(1), setfacl(1), chmod(2), stat(2), umask(2), fts(3), setmode(3), sticky(7), symlink(7), chown(8), mount(8)

STANDARDS

     The chmod utility is expected to be IEEE Std 1003.2 (``POSIX.2'') compatible with the exception of the perm symbol ``t'' which is not
     included in that standard.

HISTORY

     A chmod command appeared in Version 1 AT&T UNIX.

BUGS

     There is no perm option for the naughty bits of a horse.

BSD
								 January 26, 2009							       BSD
All times are GMT -4. The time now is 03:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy