HPE Community
Operating System - HP-UX
1753879 Members
7664 Online
108809 Solutions
New Discussion юеВ

Re: interrupting a script run as root

 
federico_3
Honored Contributor

тАО02-07-2002 01:27 AM

тАО02-07-2002 01:27 AM

interrupting a script run as root

i have to run, as a normal user, a script with the root permission. How can i avoid to enter the root shell if interrupt the execution of the script ?


Thanks
Federico
0 Kudos
Reply
6 REPLIES 6
Deepak Extross
Honored Contributor

тАО02-07-2002 01:31 AM

тАО02-07-2002 01:31 AM

Re: interrupting a script run as root

If the script is owned by root with su-id bit on, and others have only execute permission, I guess it should be OK.
Just be careful not to allow others write permission on the script!
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

тАО02-07-2002 01:54 AM

тАО02-07-2002 01:54 AM

Re: interrupting a script run as root

Hi,

I use restricted SAM for such purposes. Easy menu-system for the user, let them execute with root privileges for restricted commands.

# sam -r

Hope this helps. Regards.

Steven Sim Kok Leong
0 Kudos
Reply
Darrell Allen
Honored Contributor

тАО02-07-2002 07:33 AM

тАО02-07-2002 07:33 AM

Re: interrupting a script run as root

Hi Federico,

I believe that when the user breaks out of the script, he will be returned to his shell, not root's. However, it is good practice to use the trap statement in your shell scripts. For example:

trap "" 2

This tells the script to ignore signal 2, the interrupt or break signal. The effect is you can't break out of the script with CTRL-C.

man 1 kill for the most commonly used signals. kill -l (lowercase letter l) lists all signals. man sh-posix (or the other shells) for more info.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО02-07-2002 05:18 PM

тАО02-07-2002 05:18 PM

Re: interrupting a script run as root

Actually, giving any script root SUID permission is a big security risk. It is much safer to write an executable to perform the task. Or to use sudo (freeware that can be downloaded).

For now, prevent interrupting the shell script the same way as /etc/profile does it:

trap "" 1 2 3

Make this the first statement after your shell script loader (ie, first line must be #!/usr/bin/sh). Note: every shell script should start with #!/usr/bin/shell_name


Bill Hassell, sysadmin
0 Kudos
Reply
Wodisch
Honored Contributor

тАО02-07-2002 11:43 PM

тАО02-07-2002 11:43 PM

Re: interrupting a script run as root

Hello Frederic,

start the last command with "exec" - if that is aborted somehow, there will be no shell "left"...

Just my $0.02,
Wodisch
0 Kudos
Reply
ian Dennison
Regular Advisor

тАО02-08-2002 01:27 AM

тАО02-08-2002 01:27 AM

Re: interrupting a script run as root

If this is a long-term requirement, wny not investigate 'sudo' (from the HP Porting Centre)? This gives the ability to grant root access for certain Users without compromising security.

Share and Enjoy! Ian
Lets do it to them before they do it to us! www.fred.net.nz
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.