Login or Register to Ask a Question and Join Our Community


Solaris

exec_attr permission for whole directory

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris exec_attr permission for whole directory
# 1  
Old 07-29-2010
exec_attr permission for whole directory
Hi friends,

I would like to grant a management capability for a specific application to my user test. Application is installed under /opt/myApp and has startup and management scripts under directories bin and sbin. This application is installed by root and can be managed by root. For security considerations, we would like to disable switching to root user in order to start/stop this application. So I assigned built-in profile "System Administrator" to user test. I gave all permissions to user test with setfacl for /opt/myApp. But it's not enough in order to run the application as root. So i added some lines in to /etc/security/exec_attr file as follows :

System Administrator:suser:cmd:::/opt/myApp/sbin/startup.sh:uid=0;euid=0;privs=all

...

including all executables under the directory.

Now I can run the script with pfexec command. However some scripts are failing with library errors. As I discovered through the scripts, executables under the directory are calling other scripts from various directories. My question is :

Is there a way to enable a user run a script, that is calling other scripts, with root privileges by entering a single line of entry in exec_attr that is indicating the main script ?

This way, it will look like : my main script will spawn a new shell with root privileges and all scripts will be able to run successfully.

Thanks,
Niyazi
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

How to set owner and permission for files/directory in directory in this case?

Hi. My example: I have a filesystem /log. Everyday, log files are copied to /log. I'd like to set owner and permission for files and directories in /log like that chown -R log_adm /log/* chmod -R 544 /log/*It's OK, but just at that time. When a new log file or new directory is created in /log,... (8 Replies)
Discussion started by: bobochacha29
8 Replies

2. UNIX for Dummies Questions & Answers

Change permission to a directory

Hi, How do i change the permission to read/write to a windows directory? (1 Reply)
Discussion started by: lg123
1 Replies

3. UNIX for Dummies Questions & Answers

Directory permission

hi i have a directory called dbms and group dba.... My question is how do i set full permissions i.e read/write/execute for all user(in dba group) for the directory dbms. If i use the following cmd chmod g+rwx dbms here in above cmd ..which group it denotes..how AIX will know (3 Replies)
Discussion started by: udtyuvaraj
3 Replies

4. AIX

Do you need execute permission to navigate to a directory?

i have a user 'bart' which does not belong to apps group (as shown below) and i want him to be able to navigate to TEST directory.. i gave him read access but he cannot get through. when i added execute permission he was able to navigate to TEST drwxr-xr-- 3 draco apps 4096 Apr... (2 Replies)
Discussion started by: chipahoys
2 Replies

5. Solaris

Delete Permission on Directory

Hi, I have a directory /u01/source. Following are current permission on directory source. oracle@TEST # ls -l source drwxrwxrwx 2 user1 userbi 31232 Apr 8 13:33 EG1 drwxrwxrwx 2 user1 userbi 1024 Apr 8 05:45 E2 drwxrwxrwx 2 user1 userbi 57344 Mar 15 10:22 h5 There is another ... (4 Replies)
Discussion started by: fahdmirza
4 Replies

6. Fedora

Find Files in Directory by Permission?

Hello. I need to write a script that lets the user pick a directory. Then, all files are looped through, and the ones with read-write (for current user I think) are listed. Ending with a count of those files, but that parts easy. What I'm confused about is the middle. So far I have ... (15 Replies)
Discussion started by: Feuyaer
15 Replies

7. Solaris

reg directory permission

One small doubt. can anyone explain me the difference between directory read and execute permission. (2 Replies)
Discussion started by: rogerben
2 Replies

8. Solaris

execute in exec_attr in Solaris 10 w/ Trusted Extensions

How do I get this line to execute in exec_attr in Solaris 10 with Trusted Extensions? It needs to run as 'sh cpu_root.sh' With the 'sh' it won't execute. Oracle_Install:solaris:cmd:::/cots/oracle/patches/CPUJan2009/9999999/sh cpu_root.sh:uid=0;gid=0 -----Post Update----- Or... (1 Reply)
Discussion started by: djehres
1 Replies

9. UNIX for Dummies Questions & Answers

two groups with permission on one directory

Hi, I have a directory that needs to be accessed by the members of two groups: group1 needs rw access group2 needs only r access others should have no rights I must be missing something obvious, but I can't figure out how to do it! Any ideas? (2 Replies)
Discussion started by: StephenJH
2 Replies

10. UNIX for Dummies Questions & Answers

related to directory permission

$mkdir nw_dir $----------- $cd nw_dir bash:permission denied so what need to be filled in the blanks? (1 Reply)
Discussion started by: mxms755
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OSF1

install-solaris

install-solaris(1M)													       install-solaris(1M)

NAME

       install-solaris - install the Solaris operating system

SYNOPSIS

       install-solaris

       install-solaris	invokes  the  Solaris  Install	program. Depending on graphical capability and available memory at the time of invocation,
       install-solaris invokes either a text-based installer or a graphical installer.

       The following minimum requirements for physical memory dictate which features are available during installation:

       For SPARC machines:

       128 MB

	   Minimum physical memory for all installation types

       128 MB

	   Minimum physical memory required for windowing system

       384 MB

	   Minimum physical memory required for graphical-based installation

       For x86 machines:

       256 MB

	   Minimum physical memory for all installation types

       256 MB

	   Minimum physical memory required for windowing system

       512 MB

	   Minimum physical memory required for graphical-based installation

       In some cases, even if the minimum physical memory is present, available virtual memory after system startup can limit the number  of  fea-
       tures available.

       install-solaris	exists	only  on  the Solaris installation media (CD or DVD) and should be invoked only from there. Refer to the  for more
       details.

       install-solaris allows installation of the operating system onto any standalone system. install-solaris loads the software available on the
       installation media. Refer to the  for disk space requirements.

       Refer to the  for more information on the various menus and selections.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcdrom  (Solaris instal-  |
       |			     |lation media)		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

       pkginfo(1), install(1M), pkgadd(1M), attributes(5)

       It is advisable to exit install-solaris by means of the exit options in the install-solaris menus.

								    23 Sep 2005 					       install-solaris(1M)