I am not familiar with AIX, but perhaps you could search for all executables that are owned by root and for which only root has executable permission:
I used two directories (/sbin, /usr/sbin) which (at least on systems that I've used) typically include system daemons and utilities.
Regards,
Alister
Last edited by alister; 03-19-2013 at 11:01 PM..
Reason: forgot the dash before 001
I have to write a script (not C based) that allows to capture of all commands issued by the user “root”.
First, I tried to monitor the .bash_history but the commands are written in chunk after the .bash_history is closed.
How can I capture the commands in Real-Time without waiting root to... (4 Replies)
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Dear all
Ihave written a script in Hpux9.0, the ecript is working fine if I run it from root command prompt
But when I am running it thru /etc/profile or /user/.profile and login as a normal user, the owner of the process running the script is the normal user & hence cant run a root privileaged... (7 Replies)
Good morning everybody. I have just receiedv a complaint from our DBA saying that if he create a scripts to run some Oracle performance scripts using crontab and the scheduling part is ok but the job is failed when I checked on /var/adm/cron/log.
I have tried his scripts using Oracle id directly... (4 Replies)
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
So I have a script that runs as a non-root user, lets say the username is 'xymon' .
This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root.
in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
I am using SUSE Linux Enterprise Server 10 SP2 (i586) and I had earlier ammended my sudoers file to allow users to become root user with "sudo su - " command
Now I am trying to add multiple users to the sudoers file to run several commands such as restarting the server, restarting the nagios... (9 Replies)
is it possible that we can restrict the root user if he runs some commands?? e.g i want if root runs command 'rm etc/passwd', he shoudn't be able to run command and throws error :confused: (3 Replies)
I'm looking for a way to track commands that are run as root after a user runs sudo su - root. I have a profile set up for root that will track the commands by userid but if we change the shell it only stores it in that shells history file. (2 Replies)
Hello I have a script which is working fine so far to generate HTML file. Now i am wondering how do i include a syntax where it can change itself to root user and execute a specific commands as root user.
Please help, Thanks in advance.
-Siddhesh (2 Replies)
Discussion started by: Siddheshk
2 Replies
LEARN ABOUT OSF1
dop
dop(8) System Manager's Manual dop(8)NAME
dop - Allows a user to execute a privileged program without knowing the root password. The dop command also modifies the action database.
SYNOPSIS
/usr/sbin/dop [-n | -N] [ui:] action [args]
/usr/sbin/dop -a priv[,priv]... action [ui:]pathspec[,[ui:]pathspec]...
/usr/sbin/dop -a priv[,priv]... [ui:]pathspec
/usr/sbin/dop -d action
/usr/sbin/dop [-w | -W]
OPTIONS
Invokes a prompt asking the user if they want to run the command as a user or as root. The root password is required to run as root.
Attempts to run the action with the user privileges. Adds new actions to the dop database. Deletes an existing action from the dop data-
base. Writes a binary image without changing the source. Updates the actionlist from the dop action file and then executes the -w option,
which writes the binary image.
OPERANDS
Name of privileged program to invoke Arguments to pass to the application guarded by the privilege. Comma separated privilege list (see
sysman dopconfig) The fully qualified path name and arguments for the associated action.
When specified by a comma separated pathlist and arguments for multiple user interface domains (ui:), the first ui: argument speci-
fied is used as the default. If no action is specified, then the path base name is used. A run-time argument replaces the first
occurrence of asterisk as a word (for example *) in a string, or else they are ignored. Path arguments should be quoted per the cur-
rent shell. Optional. A user interface domain, typically one of X11, suit, java, menu, cui, or cli.
DESCRIPTION
The dop (Division of Privileges) command can execute an action after proper authentication from the privilege database file. For more
information, see the Security guide.
RESTRICTIONS
You must have root privileges to modify the privileges database.
EXAMPLES
The following example will add an action to the AccountManagement privilege. dop -a AccountManagement adduser_script /usr/sbin/adduser
The following example runs the action adduser_script for the AccountManagement privilege. dop adduser_script
The following example deletes the adduser_script action from the action database. dop -d adduser_script
FILES
Executable file. Executable file for adding or deleting permissions for users and or groups. dop database.
SEE ALSO
Commands: sysman(8)dop(8)