Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Why my SETUID does not work as expected?
Top Forums Shell Programming and Scripting Why my SETUID does not work as expected? Post 302960625 by fpmurphy on Tuesday 17th of November 2015 09:33:10 PM
Old 11-17-2015
Linux and most other Unix-like OSes by design ignore the setuid bit on an executable script.
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Script doesn't work as expected when run on cron

The script checks for free space stats on Oracle. If there are any tablespaces with more than 85% usage it prints the details of the tablespace. If all the tablespaces have more than 15% free space, then "All tablespaces have more than 15 pct free space" must be printed on the screen. When I run... (2 Replies)
Discussion started by: RoshniMehta
2 Replies

2. UNIX for Dummies Questions & Answers

For some reason, my grep doesn't work as expected

I am trying to find only those entries where 7018 and another number appear in the end of the line. 7018 2828 1423 2351 7018 2828 14887 2828 7018 1222 123 7018 1487 I am looking for a way to generate only the last two lines. I was trying to do just "grep '7018{1,5}" but it does not... (5 Replies)
Discussion started by: Legend986
5 Replies

3. Red Hat

/usr/bin/find && -exec /bin/rm never work as expected

hi there, Would you able to advise that why the syntax or statement below couldn't work as expected ? /usr/bin/find /backup -name "*tar*" -mtime +2 -exec /bin/rm -f {} \; 1> /dev/null 2>&1 In fact, I was initially located it as in crontab job, but it doesn't work at all. So, I was... (9 Replies)
Discussion started by: rauphelhunter
9 Replies

4. Shell Programming and Scripting

Parsing XML in awk : OFS does not work as expected

Hi, I am trying to parse regular XML file where I have to reduce number of decimal points in some xml elements. I am using following AWK command to achive that : #!/bin/ksh EDITCMD='BEGIN { FS = ""; OFS=FS } { if ( $3 ~ "*\\.*" && length(substr($3,1+index($3,"."))) == 15 ) {... (4 Replies)
Discussion started by: martin.franek
4 Replies

5. Shell Programming and Scripting

Joining Two Files Does not Work as Expected

Hi, I would like some help with the above awk command. I am trying to use the join command to join two files, no luck. I need to put the second column from file2.txt into each matching field of file1.txt. It works OK up to the value of 1000 of the matching column (1at column in both... (13 Replies)
Discussion started by: yirgacheffe
13 Replies

6. UNIX for Dummies Questions & Answers

sed command does not work as expected

Why when I use this command do I get "E123"? echo NCE123 | sed -n 's/\(.*\)\(\{1,\}\{1,5\}\)\(.*\)/\2/p' But when I used this command, I get NCE123? echo NCE123 | sed -n 's/\(.*\)\(\{3\}\{1,5\}\)\(.*\)/\2/p' I thought \{1,\} would mean any number of characters and \{1,5\ would mean 1-5... (1 Reply)
Discussion started by: newbie2010
1 Replies

7. UNIX for Beginners Questions & Answers

What keeps me from abusing setuid(0) and programs with setuid bit set?

Just learning about the privilege escalation method provided by setuid. Correct me if I am wrong but what it does is change the uid of the current process to whatever uid I set. Right ? So what stops me from writing my own C program and calling setuid(0) within it and gaining root privileges ? ... (2 Replies)
Discussion started by: sreyan32
2 Replies

8. UNIX for Beginners Questions & Answers

Bash script does not work as expected

Repeat this text in a file named notes.txt and run the script Before bash is a good language a blank line appears Also, the following notes are displayed incorrectly What is bad? ================================== Title : Note 1 ================================== Category: Computer Date... (3 Replies)
Discussion started by: cesar60
3 Replies

LEARN ABOUT DEBIAN

fs_setcell

FS_SETCELL(1)						       AFS Command Reference						     FS_SETCELL(1)

NAME

       fs_setcell - Configures permissions for setuid programs from specified cells

SYNOPSIS

       fs setcell -cell <cell name>+ [-suid] [-nosuid] [-help]

       fs setce -c <cell name>+ [-s] [-n] [-h]

DESCRIPTION

       The fs setcell command sets whether the Cache Manager allows programs (and other executable files) from each cell named by the -cell
       argument to run with setuid permission. By default, the Cache Manager allows programs from its home cell to run with setuid permission, but
       not programs from any foreign cells. A program belongs to the same cell as the file server machine that houses the volume in which the
       program's binary file resides, as specified in the file server machine's /etc/openafs/server/ThisCell file. The Cache Manager determines
       its own home cell by reading the /etc/openafs/ThisCell file at initialization.

       To enable programs from each specified cell to run with setuid permission, include the -suid flag. To prohibit programs from running with
       setuid permission, include the -nosuid flag, or omit both flags.

       The fs setcell command directly alters a cell's setuid status as recorded in kernel memory, so rebooting the machine is unnecessary.
       However, non-default settings do not persist across reboots of the machine unless the appropriate fs setcell command appears in the
       machine's AFS initialization file.

       To display a cell's setuid status, issue the fs getcellstatus command.

CAUTIONS

       AFS does not recognize effective UID: if a setuid program accesses AFS files and directories, it does so using the current AFS identity of
       the AFS user who initialized the program, not of the program's owner.  Only the local file system recognizes effective UID.

       Only members of the system:administrators group can turn on the setuid mode bit on an AFS file or directory.

       When the setuid mode bit is turned on, the UNIX "ls -l" command displays the third user mode bit as an "s" instead of an "x". However, the
       "s" does not appear on an AFS file or directory unless setuid permission is enabled for the cell in which the file resides.

OPTIONS

       -cell <cell name>+
	   Names each cell for which to set setuid status. Provide the fully qualified domain name, or a shortened form that disambiguates it from
	   the other cells listed in the local /etc/openafs/CellServDB file.

       -suid
	   Allows programs from each specified cell to run with setuid privilege. Provide it or the -nosuid flag, or omit both flags to disallow
	   programs from running with setuid privilege.

       -nosuid
	   Prevents programs from each specified cell from running with setuid privilege. Provide it or the -suid flag, or omit both flags to
	   disallow programs form running with setuid privilege.

       -help
	   Prints the online help for this command. All other valid options are ignored.

EXAMPLES

       The following command enables executable files from the State University cell to run with setuid privilege on the local machine:

	  % fs setcell -cell stateu.edu -suid

PRIVILEGE REQUIRED

       The issuer must be logged in as the local superuser root.

SEE ALSO

       fs_getcellstatus(1)

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML to POD by software written by Chas
       Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

OpenAFS 							    2012-03-26							     FS_SETCELL(1)
All times are GMT -4. The time now is 04:49 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy