https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453555#M11802 I had the same problem. I hade to write a C routin that used the setuid and setgid funtion calls and then did a system call to run the needed scripts. The c routine has to be owned by root with the s bit set and the w bit removed for security. Tue, 17 Oct 2000 17:13:09 GMT Lawrence Mahan 2000-10-17T17:13:09Z https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453552#M11799 I have an OPS staff that does not have root access that I want to create make_recovery tapes. I've given them a menu that invokes a script this is owned by root and has the set_uid bit set.<BR />Script Permissions are 4750 Owner is root group is root. <BR />The operator is a member of the root group and can execute the script.<BR />The command in the script is :<BR />/opt/ignite/bin/make_recovery -AvC -d /dev/rmt/5mn -b /tmp/uninstalf.recovery<BR />Failure message are:<BR /> HP-UX System Recovery<BR />nftw: Permission denied<BR />make_recovery(338): Failed on /<BR />make_recovery(346): failed on /<BR /> Validating append file<BR /> Done<BR />make_recovery(228): make_recovery(1M) encountered a fatal error.<BR />make_recovery(230): Please fix errors and re-try.<BR /> Cleanup<BR /><BR />Looks like make_recovery programs are ignoring euid of the script. Any suggestions on how to make this work?<BR /><BR />HP-UX 11.0 Ignite B.2.4.307<BR /><BR />Thanks for your time &amp; help.<BR /><BR /><BR /><BR /> Fri, 13 Oct 2000 20:50:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453552#M11799 Dan Ryan 2000-10-13T20:50:05Z https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453553#M11800 If the make_recovery subcomponents dig deeper than euid, you will probably have to use Sudo or something similar. Fri, 13 Oct 2000 20:54:48 GMT https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453553#M11800 Alan Riggs 2000-10-13T20:54:48Z https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453554#M11801 run du / to get the list of subdirs -clean unnecessary data under / and try again. <BR /> Fri, 13 Oct 2000 22:17:59 GMT https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453554#M11801 Ian_4 2000-10-13T22:17:59Z https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453555#M11802 I had the same problem. I hade to write a C routin that used the setuid and setgid funtion calls and then did a system call to run the needed scripts. The c routine has to be owned by root with the s bit set and the w bit removed for security. Tue, 17 Oct 2000 17:13:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453555#M11802 Lawrence Mahan 2000-10-17T17:13:09Z https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453556#M11803 sudo would be a good choice. In addition to running the make_recovery as root, you will get logging of the event, who did it, and when it was done.<BR /><BR />The sudoers file can be setup to only allow the make_recovery and can be limited to a certain group of users. They can be setup to do nothing else as root except the make_recovery. Tue, 17 Oct 2000 17:20:55 GMT https://community.hpe.com/t5/operating-system-hp-ux/non-root-users-executing-make-recovery/m-p/2453556#M11803 Rick Garland 2000-10-17T17:20:55Z